Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


Posts Tagged ‘detections’
March 31st, 2014

The Gray-zone of malware detection in Android OS

Does the title of this blog post have a mysterious meaning? Not exactly.

In this first part about the gray-zone of Android malware detections, I will introduce the Android:SecApk, a detection regarding the protection that the App Shield (Bangcle) offers to Android applications (.apk). This detection has a big sample set that is still growing. Some SecApk wrapped samples that existed or still exist in the Google Play Store and third party stores, can be seen in the table below.


Name \ Info



\ PUP – An application to promote a specific movie. Potentially unwanted because of the extended permissions that was requested.

Current Status: Removed from Google Play



\PUP – A game that have potentially unwanted permissions that they can drive to loss of private personal info.



\PUP – A screensaver application that has permissions unrelated with the purpose of the app.



\Pup – This application is a tennis game. Potentially unwanted because of the extended permissions that was requested.



\Malware – This app steal personal data and SMS messages from the user.


The App Shield is an online service that, after a submission of an .apk, encrypts it and adds some layers of protection. The procedure of the encryption and protection of the apk will be discussed with more detail during the course of the second part of this blog post.

Starting with the submission process, a clean app named AvstTest.apk uploaded to the service. The exported .apk was renamed as AvstTest[SecApk].apk. In addition, apktool and dex2jar used accordingly to decode the .apk resources and convert the ‘.dex’ files to ‘.jar’.

Folder structure

  Read more…