Repackaging detection

Repackaging detection is a security feature that detects if the application was modified and resigned with a different signing certificate.

To properly configure the repackage detection, you need to get the SHA1 hash of your signing certificate. You can obtain the correct value from you keystore.

keytool -list -keystore ${SOME_KEYSTORE} -alias ${MY_ALIAS} | grep "SHA1" | sed "s/.*(SHA1): //" | sed "s/://g" | tr "[A-Z]" "[a-z]"

Alternatively, you can obtain the right value from an existing APK:

apksigner verify --print-certs ${SOME_APK} | grep "SHA-1" | sed "s/.*: //"
Last updated on Apr 18, 2021 (19:48) View product


Malwarelytics for Android