Malware is evasive. It tries to avoid detection and analysis by detecting the running setting and executing the payload under particular circumstances. Malware analyzers need to be aware of the evasion techniques used by malware.
Evadroid is a catalog of techniques that malware can use to evade detection and analysis. Each of the sample apps in this catalog detects a very specific aspect of the running system on which the payload execution depends. If this particular condition is fulfilled, the test will try to send an SMS, as a payload example.
This test suite can be used to test your evasion detection techniques. They all have the same structure and payload. We refer to the README file included in the zip file for technical details on the log format and expected behavior.
Evadroid is mainly developed by the Mobile Enterprise Software research group in IBM T. J. Watson Research Center. Contributions are welcome and properly attributed.