We present AppBeach, an automatic static analysis tool to reveal behaviors of mobile applications (apps) that may (or may not) appear to users but embedded in the executable. We characterize app behaviors based on system method calls and their counts. Our analysis consists of two phases. We first propose a distributed static binary analysis for counting system method calls of iOS executable with the Hadoop framework. We then collect the differences of calls of normal and malicious apps as patterns of malicious behaviors, and reveal potential malicious behaviors that are embedded in apps using these patterns. We evaluate AppBeach against hundreds of public online apps and successfully reveal various behaviors that are embedded in their executables.