Analisis Malicious Software Trojan Downloader Pada Android Menggunakan Teknik Reverse Engineering (Studi Kasus: Kamus Kesehatan v2.apk)

Abstract

The development of smartphone technology with the Android platform has made very rapid progress. Smartphones help and facilitate daily human work such as communicating, shopping, and financial transactions. However, because android is an open- source system, anyone can easily develop android applications that can be downloaded on the android app market. Including applications that have been inserted by malware by application developers, one of which is the Trojan downloader malware. The analysis was carried out by implementing the Trojan downloader malware infection in the health dictionary application using the reverse engineering method. Trojan downloader malware infection uses metasploit framework tools. The application will be infected with the payload created from the metasploit framework. This study will analyze the health dictionary application before and after being infected with the Trojan downloader malware using the reverse engineering method. The results of the analysis on the health dictionary application found that the difference in the size of the application was 10.17 MB, which previously was 10.05 MB. Of course, by changing the file size, the SHA256 hashing changes automatically. In the permissions section, it was found that there were only 9 permissions before being infected, but after being infected, we found 18 additional permissions, bringing the total to 27 permissions