Ransomware countermeasures
US12306947B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 16, 2023 |
| Grant date | May 20, 2025 |
| Priority date | — |
| Expiry date | Sep 22, 2043 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/568
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Execution of an executable is initiated in an operating environment. Thereafter, characteristics associated with the execution of the executable are continually monitored. It is later determined that the executable has one or more characteristics associated with ransomware. In response to such determination, at least one simulacra is injected into the operating environment to attempt to trigger an anti-detonation protection feature by the executable file. Thereafter, one or more ransomware countermeasures can be initiated based on behavior of the executable after injection of the at least one simulacra. Related apparatus, systems, techniques and articles are also described.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.