Skip to content

Release history

Quark-Engine releases

An Obfuscation-Neglect Android Malware Scoring System.

Back to tool Latest release

All releases

12 shown

Monitor
v26.6.1 Feature

New malware detection rules

Open
v26.5.1 Bug fix
Notable features
  • Added Quark rules for Antidot, Arsink, and TrickMo malware families
Full changelog

Rule Enhancement

  • Add new Quark rules for the Antidot, Arsink, and TrickMo malware families. (#903, #907, and #909)

Bug Fixes

  • Separate filled-new-array parsing from invoke-kind handling to avoid incorrect bytecode classification. (#867 and #886)
View release on GitHub
v26.4.1 Bug fix
⚠ Upgrade required
  • Bumped Flask dependency from 2.2.5 to 3.1.3
Notable features
  • Added analysis report for Hydra malware family
  • Added analysis report for SharkBot malware family
Full changelog

Document Enhancements

  • Add analysis report for Hydra malware family. (#892)
  • Add analysis report for SharkBot malware family. (#900)

Bug Fixes

  • Fix issues where type-casting and invoke-polymorphic instructions were skipped during analysis. Thanks to @dolamroth. (#872 and #874)
  • Fix incorrect type hints in helper functions. Thanks to @dolamroth. (#885)
  • Fix incomplete tracking of registers holding array objects. (#890)

Dependency Update

  • Bump Flask from 2.2.5 to 3.1.3. (#865)
View release on GitHub
v26.3.1 New feature
Notable features
  • Add a safe DEX checksum auto-repair flow for androguard-based parsing
Full changelog

Performance Improvement

  • Record register usage instead of full state to reduce memory usage. (#845)

Document Enhancement

  • Add an analysis report for the ToxicPanda malware family. (#863)

New Feature

  • Add a safe DEX checksum auto-repair flow for androguard-based parsing. (#866)
View release on GitHub
v26.2.1 New feature
Notable features
  • Support for handling semi-corrupted Android APKs
Full changelog

Dependency Update

  • Bump requests max version to 2.32.3. (#856)

Document Enhancement

  • Reconstruct documentation. (#857)

New Feature

  • Add support for handling semi-corrupted Android APKs (#859)
View release on GitHub
v26.1.1 New feature
Notable features
  • Five new detection rules for PhantomCard malware
  • Analysis report added for PhantomCard malware family
  • Optimized Quark Script docs for CWE-749 and CWE-927
Full changelog

  • Rule Enhancement

    • Add 5 new rules for the PhantomCard malware family. (#843)

  • Document Enhancement

    • Add an analysis report for the PhantomCard malware family. (#843)
    • Optimize the Quark Script documents for CWE-749 and CWE-927. (#842 and #844)
View release on GitHub
v25.12.1 New feature
Notable features
  • New detection rule for the SLocker malware family
  • Analysis report added for the SLocker malware family
  • Optimized Quark Script documentation for CWE-780 and CWE-940
Full changelog

Rule Enhancement

  • Add 1 new rules for the SLocker malware family (#832)

Document Enhancement

  • Add an analysis report for the SLocker malware family. (#832)
  • Optimize the document of Quark Script CWE-780 and CWE-940. (#829, #831)
View release on GitHub
v25.11.1 New feature
Notable features
  • Three new detection rules for the DawDropper malware family
  • Optimized Quark Script documentation for CWE-601 and CWE-926
  • Added analysis report for the DawDropper malware family
Full changelog

Rule Enhancement

  • Add 3 new rules for the DawDropper malware family (#822)

Document Enhancement

  • Optimize the document of Quark Script CWE-601 and CWE-926. (#821, #823)
  • Add an analysis report for the DawDropper malware family. (#822)
View release on GitHub
v25.9.1 New feature
Notable features
  • Add Quark Script APIs and showcase for detecting CWE-359
Full changelog

  • Document Enhancement

    • Add an analysis report for the GoldDream malware family. (#780)
    • Update the GitHub release process documentation. (#791)
    • Optimize the Quark Script document for CWE-256. (#804)

  • Rule Enhancement

    • Add 4 new rules for the GoldDream malware family (#780)

  • New Feature

    • Add Quark Script APIs and showcase for detecting CWE-359. (#802, #803)
View release on GitHub
v25.8.1 New feature
Notable features
  • Add Quark Script APIs to detect CWE-297.
  • Add showcases for detecting CWE-329, CWE-1204 and CWE-24.
Full changelog

New Feature

  • Add Quark Script APIs to detect CWE-297. (#777)
  • Add Quark Script showcases for detecting CWE-329, CWE-297, CWE-1204 and CWE-24. (#775, #778, #779 and #781)
View release on GitHub
v25.7.1 New feature
Notable features
  • 22 new Quark-Engine rules targeting the DroidKungFu malware family
Full changelog

Rule Enhancement

  • Add 22 new rules for the DroidKungFu malware family (#762)

Document Enhancement

  • Optimize the Quark Script documents for CWE-502 and CWE-532. (#769 and #764)
View release on GitHub
v25.6.1 Feature
Notable features
  • Optimized Quark Script documentation for CWE-328, CWE-338, and CWE-489
Full changelog

Document Enhancement

  • Optimize the Quark Script documents for CWE-328, CWE-338, and CWE-489. (#754, #756, and #757)
View release on GitHub

Beta — feedback welcome: [email protected]