Invention Grant
- Patent Title: System and method of analysis of files for maliciousness in a virtual machine
- Application No.: US15451850
- Application Date: 2017-03-07
- Publication No.: US10339301B2
- Publication Date: 2019-07-02
- Inventor: Vladislav V. Pintiysky, Denis V. Anikin, Denis Y. Kobychev, Maxim Y. Golovkin, Vitaly V. Butuzov, Dmitry V. Karasovsky, Dmitry A. Kirsanov
- Applicant: AO Kaspersky Lab
- Applicant Address: RU Moscow
- Assignee: AO Kaspersky Lab
- Current Assignee: AO Kaspersky Lab
- Current Assignee Address: RU Moscow
- Agency: Arent Fox LLP
- Agent: Michael Fainberg
- Priority: RU2017104135 20170208
- Main IPC: G06F21/53
- IPC: G06F21/53; G06F21/56; G06F9/455

Abstract:
Disclosed are systems and methods of analysis of files for maliciousness in a virtual machine. An exemplary method comprises: opening and executing a file by a processor in a virtual machine; intercepting an event arising in the process of execution of a thread of a process created upon opening of the file; halting the execution of the thread; reading the context of the processor on which the thread is being executed; comparing the context of the processor with one or more rules; and based on the results of the comparison, performing at least one of: recognizing the file as being malicious; halting the execution of the process created upon opening of the file; changing the context of the processor; and waiting for the next intercepted event.
Public/Granted literature
- US20180225447A1 SYSTEM AND METHOD OF ANALYSIS OF FILES FOR MALICIOUSNESS IN A VIRTUAL MACHINE Public/Granted day: 2018-08-09