SYSTEMS AND METHODS OF PROCESSING DATA ASSOCIATED WITH DETECTION AND/OR HANDLING OF MALWARE
Abstract
The present disclosure relates to malware and, more particularly, towards systems and methods of processing information associated with detecting and handling malware. According to certain illustrative implementations, methods of processing malware are disclosed. Moreover, such methods may include one or more of unpacking and/or decrypting malware samples, dynamically analyzing the samples, disassembling and/or reverse engineering the samples, performing static analysis of the samples, determining latent logic execution path information regarding the samples, classifying the samples, and/or providing intelligent report information regarding the samples.
19 Claims
1. A method of analyzing samples/data/code for malware, comprising:
- unpacking and/or decrypting malware samples;
- dynamically analyzing the samples;
- disassembling and/or reverse engineering the samples;
- performing static analysis of the samples;
- determining latent logic execution path information regarding the samples;
- classifying the samples; and
- providing intelligent report information regarding the samples.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method of analyzing samples/data/code for malware, comprising:
- receiving samples for analysis;
- unpacking the samples;
- decrypting the samples;
- dynamically analyzing the samples;
- disassembling and/or reverse engineering the samples;
- performing static analysis of the samples;
- determining latent logic execution path information regarding the samples;
- classifying the samples; and
- providing intelligent report information regarding the samples.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A method of analyzing samples/data/code to detect malware, comprising:
- hosting multiple operating systems (OSs) on a multiple core CPU system;
- providing a native application environment on each OS in which malware may be executed;
- unpacking samples for analysis;
- dynamically analyzing the samples;
- disassembling and/or reverse engineering the samples;
- performing static analysis of the samples;
- determining latent execution logic path information regarding the samples;
- classifying the samples; and
- providing intelligent report information regarding the samples.

Dependent claims: 16, 17, 18

19-83. (canceled)
Specification