-
公开(公告)号:US20220060324A1
公开(公告)日:2022-02-24
申请号:US17069084
申请日:2020-10-13
Inventor: Tae Hwan PARK , Sang Yun HAN , Sang Woon JANG , Il Hwan PARK
Abstract: An apparatus and method for encryption key recovery based on memory analysis. The apparatus may include one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may collect memory information pertaining to an encrypted part of a file, in which ransomware is detected, based on dynamic binary instrumentation, analyze memory read operation data corresponding to an encryption key that is used for encryption of the file in the memory information, recover the encryption key based on the result of analysis of the memory read operation data, and output the result of recovery of the encryption key.
Search Results
1
records
(took 0.015 seconds)
