Malicious code detection method and device, storage medium and electronic equipment

One or more embodiments of the invention disclose a malicious code detection method and device, a storage medium and electronic equipment. The malicious code detection method comprises the steps that a system mirror image in a sandbox is used for simulating a user scene to execute a target program, and the system mirror image is created based on local environment information of a user; behaviors of the target program in the execution process are monitored; according to the behavior in the execution process of the target program, whether the executable program code of the target program is the malicious code or not is judged, and the malicious code can be effectively detected. 本发明一个或多个实施例公开一种恶意代码检测方法、装置、存储介质及电子设备。其中，恶意代码检测方法，包括：以沙箱中的系统镜像模拟用户场景执行所述目标程序，其中，所述系统镜像基于用户本地的环境信息创建；对所述目标程序在执行过程中的行为进行监控；根据所述目标程序执行过程中的行为，判断所述目标程序的可执行程序代码是否是恶意代码，本发明实施例能够有效检测出恶意代码。