Welcome to the VB2021 conference!

arrow left Back

Workshop: Analysing Android malware

Led by Vitor Ventura (Cisco Talos); hosted by Cisco Talos
Android malware has become prevalent across the landscape. In this workshop Vitor Ventura will provide hands-on reverse engineering techniques for Android malware

This workshop is designed to provide the participants with different approaches to malware analysis, so that they can perform their own analysis without the use of automated tools. When everything else fails, we need to know what's under the hood.

On the analysis side the workshop covers:

  • Basic Android topics

  • Triage and feature identification

  • Malware unpacking

  • Emulation and root check bypass

  • String deobfuscation


During the workshop attendees will work with Gustuff, DoNot, Loda4Android and other malware. By the end, attendees should be able to apply the same techniques, or adapted versions of them, to new malware samples and even to different approaches
Vitor Ventura
Cisco Talos

Vitor Ventura is a Cisco Talos security researcher. As a researcher, he has investigated and published various articles on emerging threats. Most days Vitor hunts for threats, investigating them, reversing code, but also looking for the geopolitical and/or economic context. Vitor has spoken at conferences such as NorthSec, Recon Brussels, DEFCON Crypto Village and BSides Lisbon among others. Previously, he was IBM X-Force IRIS European manager and did penetration testing at IBM X-Force Red. Vitor holds multiple security-related certifications including GREM (GIAC Reverse Engineer Malware) and CISM (Certified Information Security Manager).