 |
 |
 |
 |
 |
 |
| Family | Summary | Signature Behaviors | Report |
|---|---|---|---|
| DroidKungFu | Privilege escalation with C2 control. | 1. Gain unlimited access to a device. 2. Install/Uninstall additional apps. 3. Forward confidential data. |
View |
| GoldDream | SMS/call log exfiltration with remote C2 commands. | 1. Monitor SMS messages and phone calls. 2. Upload SMS messages and phone calls to remote servers. |
View |
| SpyNote | Credential theft and device surveillance via RAT. | 1. Take screenshots. 2. Simulate user gestures. 3. Log user input. 4. Communicate with C2 servers. |
View |
| DawDropper | Dropper that installs banking trojans for financial theft. | 1. Download APKs from remote servers. 2. Install additional APKs. |
View |
| SLocker | Android ransomware locking/encrypting devices. | 1. Lock the device with an overlay screen. | View |
| PhantomCard | NFC relay–based financial fraud. | 1. Communicate with C2 servers. 2. Read the payment data of NFC cards. 3. Captures PINs of NFC cards through deceptive screens. |
View |
Install the latest version of Quark Engine:
$ pip3 install -U quark-engineFetch the latest rule database:
$ freshquarkAnalyze an APK with the downloaded rules and generate a summary report:
$ quark -a <apk_file> -sExample output:
Quark-Engine has been participating in the GSoC under the Honeynet Project!
- 2021:
Stay tuned for the upcoming GSoC! Join the Honeynet Slack chat for more info.
- We love battle fields. We embrace uncertainties. We challenge impossibles. We rethink everything. We change the way people think. And the most important of all, we benefit ourselves by benefit others first.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
![@github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=64&v=4){kind=small}
