公开(公告)号：US20240362335A1

公开(公告)日：2024-10-31

申请号：US18306861

申请日：2023-04-25

Applicant: Avast Software s.r.o.

Inventor： Fabrizio Biondi ,  Andrew Gardner

IPC: G06F21/57 ,  G06F21/53

CPC classification number: G06F21/577 ,  G06F21/53 ,  G06F2221/033

Abstract: Malicious activity is identified in a plurality of sequences of computer instructions by identifying a plurality of sequences of computer instructions of interest, and assigning the plurality of sequences of computer instructions into two or more groups. A virtual machine sandbox is executed for each of the two or more groups, and each of the plurality of sequences of computer instructions is executed in the virtual machine sandbox into which the sequence of computer instructions has been assigned. Behavior of the executing instruction sequences is monitored, and is used to determine whether each of the groups has at least one executed sequence of computer instructions that is likely malicious.