Section D — Threat & Privacy Assessment (20 points) 10. (8 pts) Create a structured risk assessment for this APK if it were deployed in an enterprise environment. Use a short table with columns: Threat, Likelihood (Low/Med/High), Impact (Low/Med/High), Mitigation (one line). 11. (6 pts) If analysis finds contacts and SMS exfiltration routines, list immediate containment actions (ordered steps) an organization should take. 12. (6 pts) Draft a concise user-facing notification (max 3 short paragraphs) informing potentially affected users about the discovery, actions taken, and recommended next steps (password resets, monitoring). The tone should be clear and non-alarming.

Section C — Dynamic/Behavioral Analysis (25 points) — practical design 7. (10 pts) Design a minimal, safe dynamic analysis setup to run and monitor the APK’s behavior without risking host compromise. Include OS/environment (emulator vs physical device), network controls, and monitoring tools; justify each choice. 8. (8 pts) List five runtime indicators you would capture during execution (exact metrics/logs), the tools or commands to capture them, and why each matters. 9. (7 pts) Describe how to safely test whether the APK requests sensitive runtime permissions or attempts to exploit accessibility services. Include steps and expected evidence of misuse.

Section E — Open-ended Forensics Challenge (15 points) 13. (15 pts) You are provided the original APK file and a network capture (PCAP) from a sandbox run. Describe, step-by-step, how you would conclusively determine whether the APK exfiltrated data to a command-and-control (C2) server, and how to extract the exact data sent. Include tools, commands, artifact locations inside the device filesystem, and forensic signs that prove data leaving the device.

Be inspired

Be inspired

Explore our website and become inspired. When you're ready, call us for our personal touch. Syahatas-bad-day-v1-0-5.apk

Price Matching

Price matching

Fareconnect.com matches all website's vacation rates. If we can book it, we will match it.

Tailor your travel

Tailor your travel

Invest in your own travel destiny. Speak with one of our travel professionals who will tailor a vacation to suit your own interest, desires and budget.

Tap into our expertise

Tap into our expertise

Our counsellors will ensure your travel experience is personalized to be the best trip experience for you. Let us put our expertise to use and make your vacation special by taking the stress out of planning your trip! Section D — Threat & Privacy Assessment (20 points) 10

Call us for our personal touch

Call us for our personal touch

See the difference an expert will make - call Fareconnect.com: 1-866-YOR-DEAL

Syahatas-bad-day-v1-0-5.apk Patched (2027)

Section D — Threat & Privacy Assessment (20 points) 10. (8 pts) Create a structured risk assessment for this APK if it were deployed in an enterprise environment. Use a short table with columns: Threat, Likelihood (Low/Med/High), Impact (Low/Med/High), Mitigation (one line). 11. (6 pts) If analysis finds contacts and SMS exfiltration routines, list immediate containment actions (ordered steps) an organization should take. 12. (6 pts) Draft a concise user-facing notification (max 3 short paragraphs) informing potentially affected users about the discovery, actions taken, and recommended next steps (password resets, monitoring). The tone should be clear and non-alarming.

Section C — Dynamic/Behavioral Analysis (25 points) — practical design 7. (10 pts) Design a minimal, safe dynamic analysis setup to run and monitor the APK’s behavior without risking host compromise. Include OS/environment (emulator vs physical device), network controls, and monitoring tools; justify each choice. 8. (8 pts) List five runtime indicators you would capture during execution (exact metrics/logs), the tools or commands to capture them, and why each matters. 9. (7 pts) Describe how to safely test whether the APK requests sensitive runtime permissions or attempts to exploit accessibility services. Include steps and expected evidence of misuse.

Section E — Open-ended Forensics Challenge (15 points) 13. (15 pts) You are provided the original APK file and a network capture (PCAP) from a sandbox run. Describe, step-by-step, how you would conclusively determine whether the APK exfiltrated data to a command-and-control (C2) server, and how to extract the exact data sent. Include tools, commands, artifact locations inside the device filesystem, and forensic signs that prove data leaving the device.