Analyzing Mobile iOS Apps with VirusTotal Enterprise Online and macOS Ventura Locally

Israel Torres
Mar 14, 2023

Welcome back, as we continue our educational journey analyzing mobile malware applications. This time, we download and take apart a mobile iOS .ipa [1] sample to analyze what we can find using a couple of different approaches.

Introduction

In this article, we’ll be hunting mobile malware using VirusTotal Enterprise (VTE) Online, and analyzing a mobile malware sample found using the tools in the latest version of Apple macOS Ventura (13.1). This will follow the same pace as my last article [2], so if you liked the last one, you’ll love this one.

Previously, we compared the features VTE offers with Kali Linux and a few extra tools. This time we’ll do the same, but instead of Kali we’ll use macOS Ventura as our triage platform to help identify and dissect our sample once we’ve analyzed it using VTE Online. We mainly use VTE to search for, classify and download the sample in question, but since it offers a ton of online tooling for analysis, we’ll also use those tools and then compare them with what we do locally on macOS Ventura.

As I mentioned previously, it’d be great to see VirusTotal come up with a local distro edition similar to REMnux [3], which is a Linux Toolkit for Malware Analysis. In addition, have it connect via its API feature and functionality to fully integrate the VirusTotal Distro with its online counterpart; and I’d love to see....

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023