Patent · US Active

Dynamic analysis of malware that has evasion code

US10521588B1 · kind B1 · utility

4Cited by

6References

11Claims

0Family size

Assignee

Trend Micro Incorporated · JP

Inventors

Qiang Huang · Austin, US
Hu CAO · Taiyuan, CN
Jun Wu · Shanghai, CN

Key dates

Filing date	Aug 30, 2017
Grant date	Dec 31, 2019
Priority date	—
Expiry date	Feb 17, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/034
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A sample program being evaluated for malware is scanned for presence of a critical code block. A path guide is generated for the sample program, with the path guide containing information on executing the sample program so that an execution path that leads to the critical code block is taken at runtime of the sample program. The path guide is applied to the sample program during dynamic analysis of the sample program so that behavior of the sample program during execution to the critical code block can be observed. This advantageously allows for detection of malicious samples, allowing for a response action to be taken against them.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.