DexX A Double Layer Unpacking Framework for Android

DexX A Double Layer Unpacking Framework for Android

In recent years, many packing services emerge and have been used to protect Android applications by concealing the executable files. However, it also brings some severe problems. For example, Android malwares use packers to escape detection from the anti-virus engine, which makes it harder to filter out the malicious applications. At present, existing Android unpacking exploits are designed complicated and not adaptive for new packers, which makes the unpackers always failed to keep up with the new packing techniques. In this paper, we propose a universal unpacking framework named DexX to extract dex files protected by these packing services. We apply DexX to packed Android applications, the experiment results show that our DexX can extract and recover original executable files (dex files) packed by most well-known commercial packers effectively and accurately.

see more at https://ieeexplore.ieee.org/abstract/document/8490853