Andriod Antivirus Development has started!
I have started the development of the Android arm of my antivirus, I have started with the basic scanning features Scanning Files, Scanning Install Apps and Scanning SMS messages. the current development is being coded in Delphi as this is a language that I have a few years of experience with
Break down of the features
File Scanning Break down
starting with file Scanning, I started with the basics signature type of the SHA256 hash and the File Size, a very much basic signature for static detection.
Example of the basic Signature
092C80A770129A8D2B3084256599AEEB811280CCE9B5CBE7263CA4EE17445FAB:71 (Eicar test file)
This is a basic means of detection but it will do for now while I am developing and can be easily improved and expanded at a later date to include scanning with Hex based signatures, byte-based signatures and dynamic APK analysation and at a later point AI Detection.
As you can see we get a detection of the Eicar test file while scanning the File system. Great success, not perfect but it works
I then moved on to developing this scanner to enumerate File System and list the files store on the android device, after playing about with this feature for a while i managed to successfully list all the files stored on the virtual android device.
I now combine the features and ran the first test of the scanner and the file enumeration functions. this had to be done is a separate thread with synchronisation to update the GUI.
So now we have a functioning File scanner and one which detects our test file within the other files I have added to the device. which is great. now i can move on to the next feautre adding install apps scanning.