The static detection system referred in this article is used to detect unknown malware. First of all, the Android application sample is preprocessed and permission information that the application developer applies for is extracted as a kind of characteristic attribute. If there is shared object file, the name of function called from other libraryis is extracted as another kind of characteristic attribute. Secondly, the two optimal classifiers chose are used to hand two classes of features separately. Finally, the result of comprehensive judgment system depends on the result of classifiers about two types of characteristic attribute. The result of experiment shows that the static detection system can detect the unknown malware efficiently, and the accuracy of the static detection system reaches up to 95.4%.