1
00:00:00,150 --> 00:00:04,790
In this video, we will learn how to decode and decompile APK files.

2
00:00:05,670 --> 00:00:11,040
You can do the same for any application you'll download from the reference websites given earlier in

3
00:00:11,040 --> 00:00:18,360
this course and as well for any upcoming APKs that we will use in the upcoming videos.

4
00:00:19,050 --> 00:00:22,530
So we will use the Trojan-signed APK.

5
00:00:23,040 --> 00:00:25,890
So let's start by compiling this application.

6
00:00:26,550 --> 00:00:30,660
You open the terminal here and let's go to the desktop.

7
00:00:34,560 --> 00:00:45,960
As you can see, we have two applications. The first command to use is apktool space d and then

8
00:00:46,680 --> 00:00:51,140
Trojan dash signed dot APK.

9
00:00:52,930 --> 00:00:53,650
Press enter.

10
00:00:54,280 --> 00:00:57,520
You'll see that a new folder has been populated here.

11
00:00:59,110 --> 00:01:02,380
Let's open that folder and see the contents.

12
00:01:03,010 --> 00:01:12,490
If you double click on the Android manifest now, you'll be able to read that file and do the permissions

13
00:01:12,490 --> 00:01:12,940
review.

14
00:01:14,110 --> 00:01:15,010
We'll do that later.

15
00:01:16,300 --> 00:01:20,680
Now we need to decompile the Trojan, the APK file.

16
00:01:21,130 --> 00:01:27,010
If you double click on that file, you'll be able to see the classes.dex file that has all the

17
00:01:27,010 --> 00:01:29,890
compiled code or Java code.

18
00:01:30,670 --> 00:01:41,410
Now, I will issue another command, which is d2j, which is dex2jar, and then we reference the

19
00:01:41,410 --> 00:01:45,790
Trojan dash signed dot APK file.

20
00:01:47,620 --> 00:01:55,600
Notice here that a new file has been created with the extension of the jar, jar extension, or purely

21
00:01:55,600 --> 00:01:58,960
Java files that can be viewed with.

22
00:01:59,230 --> 00:02:02,430
We'll use this tool here called JD-GUI.
23
00:02:04,360 --> 00:02:05,560
I'll minimize that here.

24
00:02:07,900 --> 00:02:09,550
You should drag and drop this file.

25
00:02:10,060 --> 00:02:16,960
You'll be able to see only classes in a human readable format.

26
00:02:17,650 --> 00:02:26,470
So we will use this file or this combination of file and files and classes in addition to the Android

27
00:02:26,470 --> 00:02:33,580
manifest.xml file to perform our static malware analysis.

28
00:02:35,110 --> 00:02:41,170
One thing to note here is that if you are downloading a file from the Internet, some of these files might

29
00:02:41,170 --> 00:02:41,890
be zipped.

30
00:02:42,340 --> 00:02:54,110
The command to use is 7z dash e for extract, then the name of the file, then the extension dot

31
00:02:54,130 --> 00:02:57,160
zip or dot 7z.