This project contains Xamarin.Android bindings for the original anti-emulator project.
The repository is a fork due to the fact I needed to make some edits to the original library to generate the bindable .aar (the Android library is not publicly distributed and the author doesn't have plans to do so).
🔒📌 Note: I highly encourage you to install BreachDetector instead, which will allow you to work in a cross platform way.
Android Anti-Emulator, originally presented at HitCon 2013: "Dex Education 201: Anti-Emulation"
Purpose of this project was intended to show various ways of detecting an emulated Android environment. Some of the methods are adapted from previously seen malware on other operating systems, others are just random thoughts. Slowly over time things have been added that I've either thought of randomly, stumbled upon or came across in the wild. I'll do my best to comment if anything from the wild is added directly to the project, as this would likely be more interesting to AV/researchers attempting to hide their own sandboxes.
- slides/ - Talk slides
- AntiEmulation/ - Eclipse project and main source of anti* code
This presentation and code are meant for education and research purposes only. Do as you please with it, but accept any and all responsibility for your actions. The tools were created specifically to assist in malware reversing and analysis - be careful.
Copyright 2014-19 Tim 'diff' Strazzere <[email protected]>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.