Open Source Android Forensics!

Cuckoo Sandbox is a modular, automated malware analysis system. Running from command-line on a Linux or Mac host, it uses python and virtualization (VirtualBox, QEMU-KVM, etc) to create an isolated Windows guest environment to safely and automatically run and analyze files to collect comprehensive file behavior analysis. These results outline what the malware does while running inside an isolated Windows operating system, including Win32 API calls, files created/deleted, memory dumps, network traffic trace, screenshots of execution behavior, and full memory dumps of virtual machines. »