Patent · US Active

System and method for validating in-memory integrity of executable files to identify malicious activity

US11675905B2 · kind B2 · utility

0 Cited by
16 References
22 Claims
0 Family size

Assignee

Inventor

Key dates

Filing date: Oct 14, 2021
Grant date: Jun 13, 2023
Priority date
Expiry date: Dec 4, 2041

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/145
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A malicious code detection module is presented to identify potentially malicious instructions in a volatile memory of a computing device before the instructions are executed. The malicious code detection module identifies an executable file, including an .exe file, in memory, validates one or more components of the executable file against the same file stored in non-volatile storage, wherein the validation accounts for the unpacking of the executable file, and issues an alert if the validation fails.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.