📌 Overview
check_4_malware.ps1 is a small but powerful PowerShell script designed to quickly identify suspicious Android packages, which are a common indicator of malware such as:
Banking trojans
Accessibility abuse malware
Spyware / stalkerware
Dropper APKs
Obfuscated malicious packages
The script is ideal for incident response, DFIR investigations, threat hunting, or any scenario where you need to quickly triage a list of Android packages.
🚀 Features
🔎 Detects auto-generated
🧪 Highlights packages that don’t match known Android or vendor prefixes
🧩 Simple heuristics for fast triage
📂 Takes any ADB-exported package list
⚙️ Fully customizable (regex, prefixes, blacklist)
💡 Outputs clean, readable results
.\check_4_malware.ps1
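
The kind of heuristics the feature list describes, as an added example (this is not the code of check_4_malware.ps1). The function name, prefix list, blacklist entry and the regex for random-looking name segments are assumptions made for illustration, and the package list is constructed.

```powershell
# Constructed sample of `adb shell pm list packages` output (not from a real device).
$sample = @'
package:com.android.chrome
package:com.google.android.gms
package:com.samsung.android.messaging
package:org.mozilla.firefox
package:com.xkqzjvbn.wprtlmqd
package:com.example.flashlight
'@ -split "`r?`n"

# Illustrative settings; tune them for the device fleet being triaged.
$KnownPrefixes = 'android', 'com.android.', 'com.google.', 'com.samsung.', 'com.sec.'
$Blacklist     = @('com.example.flashlight')   # hypothetical known-bad package name
# Assumed heuristic: a name segment of 6+ letters with no vowel looks machine-generated.
$RandomSegment = '^[b-df-hj-np-tv-xz]{6,}$'

function Get-SuspiciousPackage {
    param([string[]]$Lines, [string[]]$Prefixes, [string[]]$Blocked, [string]$SegmentRegex)
    foreach ($line in $Lines) {
        if ($line -notmatch '^package:(.+)$') { continue }   # skip blank or non-package lines
        $name = ($Matches[1] -split '=')[-1].Trim()          # also handles `pm list packages -f`
        $reasons = @()
        if ($Blocked -contains $name) { $reasons += 'blacklisted' }
        $known = $false
        foreach ($p in $Prefixes) {
            if ($name.StartsWith($p, [System.StringComparison]::Ordinal)) { $known = $true; break }
        }
        if (-not $known) { $reasons += 'unknown prefix' }
        if ($name -split '\.' | Where-Object { $_ -match $SegmentRegex }) {
            $reasons += 'random-looking segment'
        }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{ Package = $name; Reasons = $reasons -join ', ' }
        }
    }
}

Get-SuspiciousPackage -Lines $sample -Prefixes $KnownPrefixes -Blocked $Blacklist -SegmentRegex $RandomSegment |
    Format-Table -AutoSize
```

An unknown prefix is a triage lead, not a verdict: org.mozilla.firefox is flagged in this sample alongside the random-looking package, so each hit still needs review against the installed APK.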