- Unable to analyze due to hardware-virtualization detection methods (QEMU)
- Unable to analyze due to hardware scanning methods
(Sensor, WiFi, Bluetooth, GPS, GPRS scanning)
- Unable to analyze due to debugger detection methods
(Android Debug Bridge)
- Unable to analyze due to analyzer detection methods
(Xposed Framework, Frida)
Unable to analyze in rooted environment
(scanning for superuser trace)
- Baremetal ARM-based sandbox
- Disarm intelligent malware
- Dedicated analysis environment
- Faster than emulators and real phones
- Fast profiling: easy to deploy & modify
- Native-code analysis
- Diagnosis of abnormal operations at runtime
- Interactive visualization
- Static Analysis: APK
- Dynamic Analysis: SDK & NDK
- Interactive Analysis: Users are able to interactive with App through web-based VNC