JunWei Song
JunWei Song
Hi @cryptax , Thanks for reporting this issue! I will working on it now and I will keep you updated if there is anything new coming up.
Hello @cryptax , After checking for a while, I analyzed the two Android Native APIs with the malware you provided, and the result confidence 60% is correct. The following is...
For now, Quark does not support detecting the Thread, so the graph seems not to find out the usage of the case with `Threads/Runnable`. Thank you @cryptax for providing me...
Quark did perform tainted analysis, even if other additional functions are used between two Android native API, such as the `toString()` you mentioned. I think it's just because the current...
Hi @cryptax Yeah, you are right. I believe this is Quark's issue on tained analysis, we will fix it as soon as possible. For now, this behavior only achieves 80%,...
Hello @yashomer1994, thank you for reporting the issue, it could be run on macOS Mojave 10.14.6 by me, also in ubuntu latest version, maybe you can try to use Docker...
Hello @yashomer1994 , I saw your python version is 2.7, but quark-engine required the python version is >= 3.7.
> It seems to be more elasticity with YARA format. > @krnick Can you imitate a existed rule with new format? sure.
> @krnick > Can you think of any negative side of using YARA format? No idea so far, maybe I need to understand YARA rule more detail first.
> @krnick > > Use only "SMS" and "Location" as the permission strings seem to be very inaccurate? > > ``` > rule sendLocation_SMS { > > meta: > description...