Patent · US Active

System and method for validating in-memory integrity of executable files to identify malicious activity

US11151251B2 · kind B2 · utility

4Cited by

13References

22Claims

0Family size

Assignee

Endgame, Inc. · US

Inventor

Joseph W. Desimone · Bradley Beach, US

Key dates

Filing date	Jul 13, 2017
Grant date	Oct 19, 2021
Priority date	—
Expiry date	Jul 13, 2037

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/145
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A malicious code detection module identifies potentially malicious instructions in volatile memory of a computing device before the instructions are executed. The malicious code detection module identifies an executable file, including an .exe file, in memory, validates one or more components of the executable file against the same file stored in non-volatile storage, and issues an alert if the validation fails.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.