CN110866252A - Malicious code detection method and device, electronic equipment and storage medium - Google Patents

Info

Publication number: CN110866252A
Authority: CN (China)
Legal status: Pending
Application number: CN201811579564.XA
Other languages: Chinese (zh)
Inventors: 韩文奇, 高鹭
Current Assignee: Beijing Ahtech Network Safe Technology Ltd
Original Assignee: Beijing Ahtech Network Safe Technology Ltd
Application filed by Beijing Ahtech Network Safe Technology Ltd
Priority to CN201811579564.XA
Publication of CN110866252A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/565 Static detection by checking file integrity

Abstract

The embodiment of the invention discloses a malicious code detection method and device, electronic equipment and a storage medium, relates to the technical field of computer security, and aims to improve the detection rate of malicious code. The malicious code detection method comprises the following steps: judging whether the file read into the memory is a file in a picture format; if the file read into the memory is a file in a picture format, detecting whether the file content of the file contains an executable file; and if the file content of the file contains an executable file, determining that the file in the picture format contains malicious code. The method and the device are suitable for detecting malicious code embedded in a picture.

Description

Malicious code detection method and device, electronic equipment and storage medium
Technical Field
The invention relates to the technical field of computer security, in particular to a malicious code detection method and device, electronic equipment and a storage medium.
Background
As threat propagation evolves, more and more threats choose to embed themselves in file types where they are not easily detected, for example by placing executable threat files or malicious code inside pictures, thereby bypassing detection by antivirus engines. There is currently no effective means of protection against this.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for detecting malicious codes, an electronic device, and a storage medium, which can improve the detection rate of malicious codes.
In a first aspect, an embodiment of the present invention provides a malicious code detection method, including: judging whether the file read into the memory is in a picture format or not; if the file read in the memory is a file in a picture format, detecting whether the file content of the file contains an executable file; and if the file content of the file contains an executable file, determining that the file in the picture format contains malicious codes.
According to a specific implementation manner of the embodiment of the present invention, the detecting whether the file content of the file contains an executable file includes: detecting whether the file content of the file contains a PE file; or detecting whether the file content of the file contains an executable script command.
According to a specific implementation manner of the embodiment of the present invention, the detecting whether the file content of the file contains an executable file includes: starting to detect whether the file content of the file contains an executable file from the head of the file content of the file; or, starting to detect whether the file content of the file contains the executable file from the tail part of the file content of the file.
In a second aspect, an embodiment of the present invention provides a malicious code detection apparatus, including: the first judgment module is used for judging whether the file read into the memory is in the picture format or not; the detection module is used for detecting whether the file content of the read-in file contains an executable file if the read-in file in the memory is a file in a picture format; and the second judgment module is used for determining that the file in the picture format contains malicious codes if the file content of the file contains an executable file.
According to a specific implementation manner of the embodiment of the present invention, the detection module is specifically configured to: detecting whether the file content of the file contains a PE file; or detecting whether the file content of the file contains an executable script command.
According to a specific implementation manner of the embodiment of the present invention, the detection module includes: the first detection submodule is used for detecting whether the file content of the file contains an executable file from the head of the file content of the file; or, the second detection submodule is configured to start to detect whether the file content of the file contains an executable file from the tail of the file content of the file.
In a third aspect, an embodiment of the present invention provides an electronic device, where the electronic device includes: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes the program corresponding to the executable program code by reading the executable program code stored in the memory, and is used for executing the method of any one of the foregoing implementation modes.
In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium storing one or more programs, which are executable by one or more processors to implement a method according to any one of the foregoing implementation manners.
According to the malicious code detection method, the malicious code detection device, the electronic equipment and the storage medium provided by the embodiment of the invention, whether the file read into the memory is the file in the picture format is judged, if yes, whether the file content of the file contains the executable file is detected, and if the file content of the file contains the executable file, the file in the picture format can be determined to contain the malicious code, so that the malicious code detection of the file in the picture format can be realized, the detection range of the malicious code is enlarged, and the detection rate of the malicious code can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of a first embodiment of the malicious code detection method according to the present invention;
Fig. 2 is a schematic flowchart of a second embodiment of the malicious code detection method according to the present invention;
Fig. 3 is a schematic structural diagram of a first embodiment of the malicious code detection apparatus according to the present invention;
Fig. 4 is a schematic structural diagram of a second embodiment of the malicious code detection apparatus according to the present invention;
Fig. 5 is a schematic structural diagram of an embodiment of an electronic device according to an embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In a first aspect, an embodiment of the present invention provides a method for detecting a malicious code, which can improve a detection rate of the malicious code.
Fig. 1 is a schematic flowchart of a malicious code detection method according to a first embodiment of the present invention, and as shown in fig. 1, the method according to this embodiment may include:
Step 101, judging whether the file read into the memory is a file in a picture format.
In this embodiment, malicious code detection may be performed on a file in a picture format stored locally. The picture format is a format for storing pictures by a computer, and common picture formats include bmp, jpg, jpeg, png, tif, gif, pcx, psd, cdr, pcd and the like.
When malicious code detection is performed on a file in a picture format, the file needs to be read into a memory.
Before the file is read into the memory, a memory stream object can be established, and the file selected by the user can then be loaded into the memory stream. After the file is loaded into the memory stream, its format can be determined from the contents of the memory stream; specifically, the type of the file is identified from the first few bytes of the file. For example, if the first 2 bytes of a file read from the memory stream are 4D42 [low order to high order], the file may be determined to be a file in bmp format; if the first 2 bytes of the file read from the memory stream are D8FF [low order to high order], the file is determined to be in jpeg format.
If the file read into the memory is determined to be a file in a picture format, the file is determined to be a picture file, and step 102 is executed. And if the file read into the memory is determined not to be the file in the picture format, the detection process of the following steps is not executed.
Step 102, detecting whether the file content of the file contains an executable file.
An executable file refers to a file that can be loaded for execution by the operating system. In different operating system environments, executable files take different forms. Under the Windows operating system, the executable file may be a file of type .exe, .sys, .com, etc.
After detecting the file content in the memory, if the file content contains an executable file, step 103 is executed.
Step 103, determining that the file in the picture format contains malicious code.
Upon determining that malicious code is contained in the picture-formatted file, alert information may be generated.
In this embodiment, whether the file read into the memory is the file in the picture format is judged, if yes, whether the file content of the file contains the executable file is detected, and if the file content of the file contains the executable file, it is determined that the file in the picture format contains malicious codes.
Fig. 2 is a flowchart illustrating a second embodiment of the malicious code detection method provided by the present invention, as shown in fig. 2, based on the embodiment shown in fig. 1, in this embodiment, the detecting whether the file content of the file contains an executable file (step 102) may include:
Step 1021, detecting whether the file content of the file contains a PE file.
PE stands for Portable Executable; common .exe, .dll, .ocx, .sys, .com and similar files are PE files.
The structure of a PE file is, in sequence from the start position, a DOS header, an NT header, a section table and the specific sections. The DOS header structure has an e_magic field whose value is set to 5A4Dh; this field is an important flag for loading a PE program, and the corresponding characters are 'Z' and 'M', respectively. The NT header contains the main information of the PE file, including a 'PE' signature, a PE file header (IMAGE_FILE_HEADER) and a PE optional header (IMAGE_OPTIONAL_HEADER32).
In order to improve the detection efficiency, the file content of the file read into the memory is examined to judge whether it contains data features matching the PE file structure: for example, whether a DOS header whose e_magic field has the value 5A4Dh is present, whether an NT header with a 'PE' signature is present, or whether a PE file header is present in an NT header. If so, the file content can be determined to contain data features matching the PE file structure, and the file in the picture format can therefore be determined to contain a PE file; otherwise, the file in the picture format is determined not to contain a PE file.
Step 1022, detecting whether the file content of the file contains an executable script command.
An executable script is an executable file written according to a certain format, also called macro or batch file, using a specific descriptive language.
In a specific application, the features of the PE file and the features of the executable script may be pre-stored in a list. Accordingly, detecting whether the file content of the file contains an executable file may include: matching the data of the file content of the file read into the memory against the data in the list, and if the matching is successful, determining that the file content of the file contains an executable file.
In this embodiment, whether the file content of the file contains an executable file may be determined by detecting whether the file content contains a PE file, or by detecting whether the file content contains an executable script command.
It should be understood that, by using any one of the steps 1021 and 1022, it can be determined whether the file content of the file contains an executable file. When the file content of the file is not determined to contain the executable file in one step, the detection can be continued in another step, so that the detection accuracy is improved.
In order to improve the detection efficiency, the detecting whether the file content of the file contains an executable file (step 102) may include: starting to detect whether the file content of the file contains an executable file from the head of the file content of the file; or, starting to detect whether the file content of the file contains the executable file from the tail part of the file content of the file.
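The flow of steps 101 to 103, with the PE structure check of step 1021, the feature list of step 1022 and the head or tail scan, as an added Python example that is not part of the patent. The png and gif signatures, the Machine whitelist, the script feature list and all function names are assumptions, and the sample inputs are constructed.

```python
import struct

# Magic bytes in file order. The page gives bmp and jpeg as 16-bit values read
# low byte first (4D42h -> 42 4D "BM", D8FFh -> FF D8); png and gif are added here.
PICTURE_MAGICS = {b"BM": "bmp", b"\xff\xd8": "jpeg",
                  b"\x89PNG\r\n\x1a\n": "png", b"GIF8": "gif"}
# IMAGE_FILE_HEADER.Machine values treated as plausible: i386, AMD64, ARMNT, ARM64.
KNOWN_MACHINES = {0x014C, 0x8664, 0x01C4, 0xAA64}
# Constructed, illustrative script features (step 1022); a real list needs curation.
SCRIPT_FEATURES = [b"powershell", b"cmd.exe /c", b"wscript.shell", b"<script"]


def picture_format(data):
    """Step 101: identify a picture format from the first bytes, else None."""
    for magic, name in PICTURE_MAGICS.items():
        if data.startswith(magic):
            return name
    return None


def is_pe_at(data, off):
    """True if the 'MZ' at `off` leads to a 'PE' signature and a sane file header."""
    if off + 0x40 > len(data):                  # DOS header is 64 bytes
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, off + 0x3C)
    nt = off + e_lfanew
    if e_lfanew == 0 or nt + 24 > len(data):    # signature (4) + file header (20)
        return False
    if data[nt:nt + 4] != b"PE\x00\x00":
        return False
    machine, nsections = struct.unpack_from("<HH", data, nt + 4)
    return machine in KNOWN_MACHINES and 0 < nsections <= 96


def find_pe(data, from_tail=False):
    """Step 1021: offset of an embedded PE, scanning from the head or the tail."""
    pos = len(data) if from_tail else 0
    while True:
        off = data.rfind(b"MZ", 0, pos) if from_tail else data.find(b"MZ", pos)
        if off < 0:
            return None
        if is_pe_at(data, off):     # a bare 'MZ' in pixel data is not enough
            return off
        pos = off + 1


def scan(data):
    """Steps 101-103: verdict for one file already read into memory."""
    result = {"format": picture_format(data), "malicious": False,
              "reason": None, "offset": None}
    if result["format"] is None:    # not a picture: the method stops here
        return result
    off = find_pe(data, from_tail=True)   # appended payloads sit near the tail
    if off is not None:
        result.update(malicious=True, reason="pe", offset=off)
        return result
    lowered = data.lower()
    for feature in SCRIPT_FEATURES:       # step 1022: list-based matching
        idx = lowered.find(feature)
        if idx >= 0:
            result.update(malicious=True, reason="script", offset=idx)
            return result
    return result


def make_sample_pe():
    """Constructed 88-byte stub: DOS header, 'PE' signature, IMAGE_FILE_HEADER."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)          # e_lfanew -> NT header
    nt = b"PE\x00\x00" + struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)
    return bytes(dos) + nt


# Constructed samples: a jpeg-like buffer with a stray "MZ", the same buffer with
# a PE stub appended, and a bmp-like buffer carrying a harmless script string.
CLEAN_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"MZ" + bytes(80) + b"\xff\xd9"
APPENDED = CLEAN_JPEG + make_sample_pe()
BMP_SCRIPT = b"BM" + bytes(52) + b"PowerShell -Command Write-Output constructed"

if __name__ == "__main__":
    for name, blob in [("clean", CLEAN_JPEG), ("appended", APPENDED),
                       ("script", BMP_SCRIPT), ("bare-pe", make_sample_pe())]:
        print(name, scan(blob))
```

The clean sample shows why the two bytes of e_magic alone are a weak feature: compressed image data can contain "MZ" by chance, so the check follows e_lfanew to the 'PE' signature and file header before reporting a hit.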
In a second aspect, an embodiment of the present invention provides a malicious code detection apparatus, which can improve a detection rate of a malicious code.
Fig. 3 is a schematic structural diagram of a first embodiment of the malicious code detection apparatus provided in the present invention. As shown in fig. 3, the malicious code detection apparatus of the present embodiment may include: a first judgment module 11, a detection module 12 and a second judgment module 13; the first judgment module 11 is configured to judge whether a file read into the memory is a file in a picture format; the detection module 12 is configured to detect whether the file content of the read-in file contains an executable file if the read-in file is a file in a picture format; the second judgment module 13 is configured to determine that the file in the picture format contains malicious code if the file content of the file contains an executable file.
The apparatus of this embodiment may be used to implement the technical solution of the method embodiment shown in fig. 1, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 4 is a schematic structural diagram of a second embodiment of the malicious code detection apparatus provided in the present invention. As shown in fig. 4, on the basis of the apparatus embodiment shown in fig. 3, in this embodiment the detection module 12 is specifically configured to: detect whether the file content of the file contains a PE file; or detect whether the file content of the file contains an executable script command.
In order to improve the detection efficiency, the detection module 12 may include: a first detection submodule 121, configured to start detecting whether the file content of the file contains an executable file from a header of the file content of the file; or, the second detecting sub-module 122 is configured to start to detect whether the file content of the file contains an executable file from the end of the file content of the file.
The apparatus of this embodiment may be used to implement the technical solution of the method embodiment shown in fig. 2, and the implementation principle and the technical effect are similar, which are not described herein again.
In a third aspect, an embodiment of the present invention further provides an electronic device. Fig. 5 is a schematic structural diagram of an embodiment of an electronic device according to an embodiment of the present invention, which may implement the processes of the embodiments shown in fig. 1 to fig. 2 of the present invention, and as shown in fig. 5, the electronic device may include: the device comprises a shell 41, a processor 42, a memory 43, a circuit board 44 and a power circuit 45, wherein the circuit board 44 is arranged inside a space enclosed by the shell 41, and the processor 42 and the memory 43 are arranged on the circuit board 44; a power supply circuit 45 for supplying power to each circuit or device of the electronic apparatus; the memory 43 is used for storing executable program code; the processor 42 executes a program corresponding to the executable program code by reading the executable program code stored in the memory 43, so as to execute the malicious code detection method according to any of the foregoing embodiments.
The specific execution process of the above steps by the processor 42 and the steps further executed by the processor 42 by running the executable program code may refer to the description of the embodiment shown in fig. 1-2 of the present invention, and are not described herein again.
The electronic device exists in various forms, including but not limited to a mobile terminal device with computing and processing functions, a desktop computer, a server or other electronic devices with computing and processing functions.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium storing one or more programs, which are executable by one or more processors, for performing the malicious code detection method described in any of the foregoing embodiments.
According to the malicious code detection method, device, electronic equipment and storage medium provided by the embodiment of the invention, whether the file read into the memory is the file in the picture format is judged, if yes, whether the file content of the file contains the executable file is detected, and if the file content of the file contains the executable file, the file in the picture format can be determined to contain the malicious code, so that the malicious code detection of the file in the picture format can be realized, the detection range of the malicious code is enlarged, and the detection rate of the malicious code can be improved. When detecting whether the PE file is contained, the detection efficiency can be improved by judging whether the file content in the memory contains the data characteristics matched with the specific structure of the PE file. In addition, whether the executable file is contained or not is detected from the head or the tail of the file content in the memory, and the detection efficiency can be further improved. In addition, in the embodiment of the invention, the malicious codes embedded in the files in the picture format can be detected only by detecting the file contents read into the memory without any virus engine, so that the method is a convenient, rapid and accurate malicious code detection method.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. The term "comprising", without further limitation, means that the element so defined is not excluded from the group consisting of additional identical elements in the process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments.
In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
For convenience of description, the above devices are described separately in terms of functional division into various units/modules. Of course, the functionality of the units/modules may be implemented in one or more software and/or hardware implementations of the invention.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (8)

1. A malicious code detection method, comprising:
judging whether the file read into the memory is in a picture format or not;
if the file read in the memory is a file in a picture format, detecting whether the file content of the file contains an executable file;
and if the file content of the file contains an executable file, determining that the file in the picture format contains malicious codes.
2. The method according to claim 1, wherein the detecting whether the file content of the file contains an executable file comprises:
detecting whether the file content of the file contains a PE file; or
detecting whether the file content of the file contains an executable script command.
3. The method according to claim 1 or 2, wherein the detecting whether the file content of the file contains an executable file comprises:
starting to detect whether the file content of the file contains an executable file from the head of the file content of the file; or
starting to detect whether the file content of the file contains an executable file from the tail part of the file content of the file.
4. A malicious code detection apparatus, comprising:
the first judgment module is used for judging whether the file read into the memory is in the picture format or not;
the detection module is used for detecting whether the file content of the read-in file contains an executable file if the read-in file in the memory is a file in a picture format;
and the second judgment module is used for determining that the file in the picture format contains malicious codes if the file content of the file contains an executable file.
5. The malicious code detection apparatus according to claim 4, wherein the detection module is specifically configured to: detecting whether the file content of the file contains a PE file; or detecting whether the file content of the file contains an executable script command.
6. The malicious code detection apparatus according to claim 4 or 5, wherein the detection module includes:
the first detection submodule is used for detecting whether the file content of the file contains an executable file from the head of the file content of the file; or
the second detection submodule is used for detecting whether the file content of the file contains an executable file from the tail part of the file content of the file.
7. An electronic device, characterized in that the electronic device comprises: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor executes a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the method of any of the preceding claims.
8. A computer readable storage medium, characterized in that the computer readable storage medium stores one or more programs which are executable by one or more processors to implement the method of any preceding claim.
CN201811579564.XA 2018-12-21 2018-12-21 Malicious code detection method and device, electronic equipment and storage medium Pending CN110866252A (en)



Family

ID=69651574




Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200306