Android APP Bundle

2021-10-12
#Android

Android App Bundle(aka aab)

Google has announced that all applications that need to upload to Google Play have to use the format called “aab”, which means Android App Bundle.

The reason why Google using the aab format can be organized with two things:

  1. It helps reduce the size of downloaded files.
  2. It can generate APKs dynamically for various device configurations such as different CPUs, screen size, language, etc.

However, from the view of the malware analysts, it should not be a problem because the aab format only employs when publishing and users’ devices still get the APK source file generated by bundletool from Google Play.

Here is the step by step to analyze the aab format application

How to build an “aab” file when you complete your project by yourself

Open Android Studio -> Build -> Build Bundle(s) / APK(s) -> Build Bundle(s)

The aab file will locate in:

/Users/$USER/AndroidStudioProjects/Test/app/build/outputs/bundle/debug/app-debug.aab

It is literally another kind of compressed file, and its directory after unzipping is as shown below.

You may probably know, the crucial file DEX locate in the dex directory.

Convert .aab to .apk file

Using the command-line tool bundletool, you can convert aab files into APK files with just one command.

1
bundletool build-apks --bundle=app-debug.aab --output=my_app.apks

You may notice that the output of the APK is suffixed with “s”, which means it is a bunch of APK files in an archive.

All of these APKs are generated based on a different language, screen size, etc. Now you can pick any of them to analyze as usual.

Reference:
https://developer.android.com/studio/command-line/bundletool