Patent · US Active

Efficient program deobfuscation through system API instrumentation

US10565376B1 · kind B1 · utility

15Cited by

5References

21Claims

0Family size

Assignee

Palo Alto Networks, Inc. · US

Inventor

Robert Jung · Albuquerque, US

Key dates

Filing date	Sep 11, 2017
Grant date	Feb 18, 2020
Priority date	—
Expiry date	Feb 9, 2038

Classification

Technology area (CPC G)Physics
CPC primaryG06F2212/1052
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Techniques for efficient program deobfuscation through system application program interface (API) instrumentation are disclosed. In some embodiments, a system/process/computer program product for efficient program deobfuscation through system API instrumentation includes monitoring changes in memory after a system call event during execution of a malware sample in a computing environment; and generating a signature based on an analysis of the monitored changes in memory after the system call event during execution of the malware sample in the computing environment.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.