New types of artifacts allow you to search based on
new WildFire® static analysis information for APK files and embedded
URLs in Mac samples. The AutoFocus™ API supports searches with
these new artifacts.
The file path for the icon of the app that
the APK file installs.
APK App Name
The name of the app when it displays on
an Android device.
APK Certificate File
The file path for the certificate(s) that
the app owner used to sign the APK file, information about the certificate
owner and issuer such as name and location (if available), and the
MD5, SHA1, and SHA256 hashes used to sign the certificate.
APK Internal File
The file format, file path, and SHA256 of
the files included in the APK file.
APK Suspicious Behavior
A sequence of actions that the APK file
exhibits, the target of the actions (if there is one), and the location
of the files that exhibited the actions. For example, for the suspicious
behavior “APK files sends an SMS to a fixed number,” the target
is the phone number that received the SMS.
APK Suspicious Pattern
A class of patterns observed in the APK
file, a description what the pattern does, and the location of the
files where the pattern occurred.
Mac Embedded URLs
URLs that are part of a Mac file. The Path
column contains the path for the section of the app where the URL