Do you have trouble with analyzing intelligent android malware?


- Unable to analyze due to hardware-virtualization detection methods (QEMU)

- Unable to analyze due to hardware scanning methods
(Sensor, WiFi, Bluetooth, GPS, GPRS scanning)


- Unable to analyze due to debugger detection methods
(Android Debug Bridge)

- Unable to analyze due to analyzer detection methods
(Xposed Framework, Frida)

Rooting Detection

Unable to analyze in rooted environment
(scanning for superuser trace)

Native environment

- Baremetal ARM-based sandbox

- Disarm intelligent malware

- Dedicated analysis environment


- Faster than emulators and real phones

- Fast profiling: easy to deploy & modify

Extended analysis

- Native-code analysis

- Diagnosis of abnormal operations at runtime

Analysis Data

- Interactive visualization

- Static Analysis: APK

- Dynamic Analysis: SDK & NDK

- Interactive Analysis: Users are able to interactive with App through web-based VNC