×

SYSTEM AND METHOD FOR THE PROGRAMMATIC RUNTIME DE-OBFUSCATION OF OBFUSCATED SOFTWARE UTILIZING VIRTUAL MACHINE INTROSPECTION AND MANIPULATION OF VIRTUAL MACHINE GUEST MEMORY PERMISSIONS

  • US 20140189882A1
  • Filed: 05/13/2013
  • Published: 07/03/2014
  • Est. Priority Date: 12/28/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method to de-obfuscate obfuscated malicious software code in a virtual machine, the method comprising the steps of:

  • enumerating a first physical page associated with a virtual address space of a first piece of analyzed software code;

    setting the first physical page to non writable; and

    detecting a write to the first physical page.

View all claims
  • 10 Assignments
Timeline View
Assignment View
    ×
    ×