Method and apparatus for generic malware downloader detection and prevention

Bibliographic details
Main authors: CEPE JOSEPH, PAGAUITAN DORIS IQUIN, MELLIANG MARILYN, CRUZ MARVIN U
Format: Patent
Language: eng
Description
Summary: One embodiment relates to a computer-implemented method of detecting a malware downloader running on a computer system. An indication is received that a process running on the computer system is attempting to execute an executable file. A timestamp of the executable file is obtained. The timestamp indicates a time at which the executable file was downloaded. A current time is also obtained from the computer system. A determination is made as to whether the current time is approximately equal to the time indicated by the timestamp. An indication is made that said process is not a malware downloader if the current time is not approximately equal to the time indicated by the timestamp. Another embodiment relates to a computer apparatus configured to detect a malware downloader. Other embodiments, aspects and features are also disclosed.