Systems and methods for detecting unknown malware in an executable file
A computer-implemented method may include generating a first region-of-interest identifier that represents a region of interest within an executable file at a first time. The computer-implemented method may also include receiving, at a second time, a request to scan the executable file for malware a...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | A computer-implemented method may include generating a first region-of-interest identifier that represents a region of interest within an executable file at a first time. The computer-implemented method may also include receiving, at a second time, a request to scan the executable file for malware and generating a second region-of-interest identifier that represents the region of interest within the executable file at the second time. The computer-implemented method may further include comparing the first and second region-of-interest identifiers to determine that the region of interest at the second time is different than the region of interest at the first time. In addition, the computer-implemented method may include using the difference between the region of interest at the first and second times to determine whether the executable file comprises malware. Various other systems, methods, and computer-readable media are also disclosed. |
|---|