<![CDATA[The rapid growth of Android smartphones has increased user convenience but also elevated the risk of cybercrime, especially malware attacks using complex obfuscation techniques that hinder detection and analysis. Traditional methods are often insufficient to address these evolving threats. This study integrates automated and manual analysis on APK files using Mobile Security Framework (MobSF) and GHIDRA through reverse engineering. MobSF performs automated static analysis to identify vulnerabilities and security indicators, while GHIDRA is used to decompile binary code into pseudocode for in-depth manual verification. The analysis of the “Pencairan Hadiah” (Prize Disbursement) application revealed dangerous permissions such as RECEIVE_SMS, READ_PHONE_STATE, and SYSTEM_ALERT_WINDOW. Manual inspection with GHIDRA confirmed API calls like getImei() and access to the Telegram API for automated data transmission. Although the bot token was inactive, the findings indicate an intent to exfiltrate sensitive data. The integration of MobSF and GHIDRA provides a deeper understanding and concrete evidence of malicious behavior in APK files, demonstrating the effectiveness of combining automated and manual approaches in digital forensic analysis.]]>
Copyrights © 2025
