I find myself targeted with a malicious .apk file. I am provided with some malicious files disguised as a genuine .apk.
I used apktool to decompile the file and collect some information about the attacker. I could find none (please point me how to find some info if any can be found)
Could you point me in the right direction as to find which ip does the payload uses to connect back to the attacker? And also monitor the attacker if I deliberately allow the attacker to get a meterpreter session.
What else can I do to make the attacker regret targeting me?
Note: I am aware of how to generate a payload, embed it to a genuine apk file and to use a meterpreter session to access data from the remote target.