Since its release in 2008, Android has gained an impressive marketshare of about 85% and the amount of Android devices is still growing in relative as well as in absolute numbers. Within the same time, not only benign users have been attracted by Android, but also cyber criminals who can reach many victims by developing malware for the Android platform. This led to an increase of malicious mobile applications by 614% in the last year, whereof 92% of malware were targeting the Android Platform. Malicious applications can turn a user's device into a bot-net node, steal sensitive or confidential information, cause financial damage, etc. Considering the popularity of smartphones and the amount of private data stored on them, it has become very important to detect these kinds of malicious applications. Unfortunately, dynamic analysis frameworks for analyzing Android applications, which can be used by security professionals and laymen, are sparse. To overcome this deficit, we present ANDRUBIS - a fully automated large-scale dynamic analysis framework for Android applications that combines static analysis techniques with dynamic analysis on both, Dalvik VM and on QEMU virtual machine introspection layer. Furthermore ANDRUBIS makes use of tainting to detect malicious applications leaking sensitive information and several stimulation techniques to increase code coverage. We opened ANDRUBIS for public submissions with a current capacity of analyzing around 3,500 samples per day. This lead to more than 1,000,000 analyzed Android applications submitted by researchers, security professionals and users. To evaluate ANDRUBIS, we analyzed Android applications from different sources like the official market, torrents, direct download sites, the Genome Project (a collection of known Android malware families) and malicious Android applications from Virus Total. Comparison with other analysis frameworks has shown that ANDRUBIS performs very well.