Malware data item analysis

Assignee

• Palantir Technologies Inc. · US

Inventors

• Matthew Falk · Palo Alto, US
• Timothy Yousaf · New York, US
• Joseph Staehle · New York, US
• Lucas Lemanowicz · New York, US
• Sebastien Noury · London, GB
• Robin Lim · Mountain View, US
• Michael Glazer · San Francisco, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2107
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Embodiments of the present disclosure relate to a data analysis system that may automatically analyze a suspected malware file, or group of files. Automatic analysis of the suspected malware file(s) may include one or more automatic analysis techniques. Automatic analysis of may include production and gathering of various items of information related to the suspected malware file(s) including, for example, calculated hashes, file properties, academic analysis information, file execution information, third-party analysis information, and/or the like. The analysis information may be automatically associated with the suspected malware file(s), and a user interface may be generated in which the various analysis information items are presented to a human analyst such that the analyst may quickly and efficiently evaluate the suspected malware file(s). For example, the analyst may quickly determine one or more characteristics of the suspected malware file(s), whether or not the file(s) is malware, and/or a threat level of the file(s).