Noob question: How do you ensure that large executable files, such as .apks (different from apk), are safe? (lemmy.today)

submitted 4 weeks ago by [email protected] to c/[email protected]

16 comments fedilink hide all child comments

Virus total limit is 600mb.

all 19 comments

sorted by: hot top new old

[-] [email protected] 26 points 4 weeks ago

By making sure (as much as you possibly could) the source you got it from is safe.

You'll reduce the risk.

[-] [email protected] 17 points 4 weeks ago* (last edited 4 weeks ago)

Apks can be unpacked. There are plenty of offline scanners with high or no size limits too.

There are probably also Android-specific scanners.

[-] [email protected] 17 points 4 weeks ago

I don't. I just consider them compromised and block network connection. Usually that works fine unless it's a ransomware or something..

[-] [email protected] 10 points 4 weeks ago* (last edited 4 weeks ago)

Run them in a test sandbox environment, maybe run some network analytics to see if weird outbound or inbound calls start getting made... hope they are not more clever than your sandbox environment.

For APKs specifically... official support for Hypatia from the original team ended last year, but a 'MaintainTeam Organization' seems to be attempting to pick up the slack, and keep updating with new malware signatures.

https://apt.izzysoft.de/fdroid/index/apk/org.maintainteam.hypatia

https://github.com/MaintainTeam/Hypatia

... not sure if its... actually getting regular updates though.

EDIT: derp, yeah

Also, as upstroke says, do a hash comparison from the actual proper source to verify you aren't getting a malformed or spoof version of whatever APK.