×

Malware protection

  • US 9,858,416 B2
  • Filed: 09/13/2016
  • Issued: 01/02/2018
  • Est. Priority Date: 03/15/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method of detecting malware in a computer system, the method comprising:

  • determining that an executable file should be identified as not being legitimate by inspecting a database containing identifiers of legitimate and/or not legitimate executable files;

    executing the executable file in an emulated environment;

    monitoring the behaviour of the executable file to determine that the executable file, aware that it is being executed in the emulated environment, is taking evasive action by failing to respond in a way in which it would be expected to act when executed in a real environment, wherein the evasive action comprises at least one of failing to request access to the Internet, failing to attempt to provide a notification, and failing to attempt to collect information relating to the emulated environment; and

    determining that the executable file is malware.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×