Some time ago, I analyzed two similar samples of Android/Smsilence.A!tr.spy, a fake Vertu application that spies on its victim. One the samples was targeting a Japanese audience, while the other sample was for Korean end-users. I was interested in finding their similarities (and differences). At (decompiled) source code level, I identified for instance a similarity: both samples check incoming SMS messages and download another payload if the message body contains the keyword 113, or deletes …

You Can Learn More About the Fortinet Product Line By Going to www.FirewallShop.com/Fortinet

The original article/video can be found at Finding Similarities and Differences at DEX Level