×

Launcher for setting analysis environment variations for malware detection

  • US 10,284,575 B2
  • Filed: 11/10/2015
  • Issued: 05/07/2019
  • Est. Priority Date: 11/10/2015
  • Status: Active Grant
First Claim
Patent Images

1. A system for automatically analyzing an object for malware, the system comprising:

  • one or more hardware processors; and

    a memory coupled to the one or more hardware processors, the memory comprises a dynamic analysis engine, a classification engine and a reporting engine, whereinthe dynamic analysis engine, when executed by the one or more hardware processors, generates one or more virtual machines, at least a first virtual machine of the one or more virtual machines includes launcher logic that, upon execution, (i) sets a processing framework for use in configuring a plurality of processes based on a type of object being analyzed and received configuration data identifying a prescribed order of execution of different application and plug-in combinations, (ii) receives information for accessing an object for analysis and parameters associated with the object, and (iii) selects a different application and plug-in combination for each process of the plurality of processes based on the parameters, wherein the plurality of processes concurrently processing the object within the first virtual machine to produce results comprising information associated with behaviors of the object,the classification engine classifying the object as part of a potential malicious attack based on the information associated with the behaviors of the object, andthe reporting engine generating an alert signal indicating the potential malicious attack.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×