Android Disassembler: Analyze malicious app on your phone
Analyze malicious app on your phone
Android Disassembler is an application that is able to analyze several types of files such as APK files, dex files, shared libraries (aka .so files) (NDK, JNI), windows PE files(EXE, DLLs, SYSs, etc..), Linux executables, object files and much more. These app features are based on capstone library, elf parser, PE parser, backsmali, and facile reflector.
- Shows details of elf files.
- Shows symbol table(functions or objects’,… names) of elf files.
- Disassembles the code sections.
- Has various export options of the disassembly. (Reloadable raw file, compilable txt file, analytic text files, json, and reloadable database)
- Supports projects.
- Supports directly launching from file browsers.
- Supports many ABIs(arm,x86,x64,MIPS,PowerPC,…)
- Jump to address by symbols’ names or a hex address.
- Syntax colorizing.
- Support PE and other bin formats.
- Sort symbols if needed.
- Colorize PUSH/POP instructions.
- Colorize ARM arch instructions better.
- Added Follow Jump menu for jump instructions. (With BackStack)
- Can override auto parse setup
- You can copy instructions to the clipboard.
- It now parses IAT, EAT of PE headers.
- You can now choose the columns to view.
- Supports analyzing system files(which are not accessible without root permission) for rooted phones.
- Friendlier message for non-parsable files.
- The storage chooser now retains the session, so that it remembers the last browsed folder.
- Added Hex View and utility calculator.
- Theme installation is automated.
- Choose which binary to analyze when the zip/apk has multiple binaries.
- Choose APK from installed
- Search for strings in the binary (Unfortunately only for ascii characters)
- Bytewise analysis (mean, hashes, entropy, g-test, chi-test, autocorrelation) to help determine if the file is encrypted
- Support .NET assemblies
- Support dex files
- Analyzing multiple files in a project is allowed.
Copyright (c) 2018 Hyeonseo Yang