CN101414328A - 一种用于对文件进行脱壳的装置和方法 - Google Patents
一种用于对文件进行脱壳的装置和方法 Download PDFInfo
- Publication number
- CN101414328A CN101414328A CNA2007101624375A CN200710162437A CN101414328A CN 101414328 A CN101414328 A CN 101414328A CN A2007101624375 A CNA2007101624375 A CN A2007101624375A CN 200710162437 A CN200710162437 A CN 200710162437A CN 101414328 A CN101414328 A CN 101414328A
- Authority
- CN
- China
- Prior art keywords
- code
- virtual machine
- shelling
- file
- program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000001514 detection method Methods 0.000 claims description 24
- 230000006870 function Effects 0.000 claims description 5
- 241000700605 Viruses Species 0.000 description 19
- 238000011022 operating instruction Methods 0.000 description 12
- 230000005856 abnormality Effects 0.000 description 9
- 239000008186 active pharmaceutical agent Substances 0.000 description 9
- 230000006835 compression Effects 0.000 description 5
- 238000007906 compression Methods 0.000 description 5
- 230000002155 anti-virotic effect Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000012544 monitoring process Methods 0.000 description 4
- 239000002574 poison Substances 0.000 description 3
- 231100000614 poison Toxicity 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 230000006837 decompression Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000003612 virological effect Effects 0.000 description 2
- 239000000284 extract Substances 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Landscapes
- Debugging And Monitoring (AREA)
Abstract
Description
Claims (12)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101624375A CN101414328B (zh) | 2007-10-15 | 2007-10-15 | 一种用于对文件进行脱壳的装置和方法 |
HK09107195A HK1127423A1 (en) | 2007-10-15 | 2009-08-05 | Method and apparatus for unshelling file |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2007101624375A CN101414328B (zh) | 2007-10-15 | 2007-10-15 | 一种用于对文件进行脱壳的装置和方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101414328A true CN101414328A (zh) | 2009-04-22 |
CN101414328B CN101414328B (zh) | 2012-07-18 |
Family
ID=40594861
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2007101624375A Active CN101414328B (zh) | 2007-10-15 | 2007-10-15 | 一种用于对文件进行脱壳的装置和方法 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN101414328B (zh) |
HK (1) | HK1127423A1 (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102184103A (zh) * | 2011-05-12 | 2011-09-14 | 电子科技大学 | 软件保护壳的壳特征提取方法 |
CN102184363A (zh) * | 2011-05-21 | 2011-09-14 | 电子科技大学 | 基于综合处理的软件壳自动脱壳方法 |
CN102314571A (zh) * | 2011-09-27 | 2012-01-11 | 奇智软件(北京)有限公司 | 处理计算机病毒的方法及装置 |
CN103019740A (zh) * | 2012-12-28 | 2013-04-03 | 北京神州绿盟信息安全科技股份有限公司 | 一种获取导入表和重定位表的方法及装置 |
CN103019828A (zh) * | 2012-12-28 | 2013-04-03 | 北京神州绿盟信息安全科技股份有限公司 | 一种基于加壳程序的辅助脱壳方法及装置 |
CN103793649A (zh) * | 2013-11-22 | 2014-05-14 | 北京奇虎科技有限公司 | 通过云安全扫描文件的方法和装置 |
CN108073814A (zh) * | 2017-12-29 | 2018-05-25 | 哈尔滨安天科技股份有限公司 | 基于静态结构化脱壳参数的脱壳方法、系统及存储介质 |
CN112580035A (zh) * | 2019-09-30 | 2021-03-30 | 奇安信安全技术(珠海)有限公司 | 程序脱壳方法及装置、存储介质、计算机设备 |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100461197C (zh) * | 2006-05-16 | 2009-02-11 | 北京启明星辰信息技术有限公司 | 一种恶意代码自动分析系统及方法 |
-
2007
- 2007-10-15 CN CN2007101624375A patent/CN101414328B/zh active Active
-
2009
- 2009-08-05 HK HK09107195A patent/HK1127423A1/xx not_active IP Right Cessation
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102184103A (zh) * | 2011-05-12 | 2011-09-14 | 电子科技大学 | 软件保护壳的壳特征提取方法 |
CN102184363A (zh) * | 2011-05-21 | 2011-09-14 | 电子科技大学 | 基于综合处理的软件壳自动脱壳方法 |
CN102184363B (zh) * | 2011-05-21 | 2013-09-25 | 电子科技大学 | 基于综合处理的软件壳自动脱壳方法 |
CN102314571A (zh) * | 2011-09-27 | 2012-01-11 | 奇智软件(北京)有限公司 | 处理计算机病毒的方法及装置 |
CN103019740B (zh) * | 2012-12-28 | 2015-08-19 | 北京神州绿盟信息安全科技股份有限公司 | 一种获取导入表和重定位表的方法及装置 |
CN103019740A (zh) * | 2012-12-28 | 2013-04-03 | 北京神州绿盟信息安全科技股份有限公司 | 一种获取导入表和重定位表的方法及装置 |
CN103019828A (zh) * | 2012-12-28 | 2013-04-03 | 北京神州绿盟信息安全科技股份有限公司 | 一种基于加壳程序的辅助脱壳方法及装置 |
CN103019828B (zh) * | 2012-12-28 | 2015-06-17 | 北京神州绿盟信息安全科技股份有限公司 | 一种基于加壳程序的辅助脱壳方法及装置 |
CN103793649A (zh) * | 2013-11-22 | 2014-05-14 | 北京奇虎科技有限公司 | 通过云安全扫描文件的方法和装置 |
CN108073814A (zh) * | 2017-12-29 | 2018-05-25 | 哈尔滨安天科技股份有限公司 | 基于静态结构化脱壳参数的脱壳方法、系统及存储介质 |
CN108073814B (zh) * | 2017-12-29 | 2021-10-15 | 安天科技集团股份有限公司 | 基于静态结构化脱壳参数的脱壳方法、系统及存储介质 |
CN112580035A (zh) * | 2019-09-30 | 2021-03-30 | 奇安信安全技术(珠海)有限公司 | 程序脱壳方法及装置、存储介质、计算机设备 |
CN112580035B (zh) * | 2019-09-30 | 2024-02-06 | 奇安信安全技术(珠海)有限公司 | 程序脱壳方法及装置、存储介质、计算机设备 |
Also Published As
Publication number | Publication date |
---|---|
CN101414328B (zh) | 2012-07-18 |
HK1127423A1 (en) | 2009-09-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101414328B (zh) | 一种用于对文件进行脱壳的装置和方法 | |
Xue et al. | Malton: Towards {On-Device}{Non-Invasive} Mobile Malware Analysis for {ART} | |
US8250543B2 (en) | Software tracing | |
US11159541B2 (en) | Program, information processing device, and information processing method | |
Shahriar et al. | Testing of memory leak in android applications | |
US9438617B2 (en) | Application security testing | |
US20080289042A1 (en) | Method for Identifying Unknown Virus and Deleting It | |
US20240143739A1 (en) | Intelligent obfuscation of mobile applications | |
CN110928777B (zh) | 测试用例的处理方法、装置、设备及存储介质 | |
CN113391874A (zh) | 一种虚拟机检测对抗方法、装置、电子设备及存储介质 | |
CN107315677B (zh) | 判断应用程序发生异常的方法及装置 | |
US20230101154A1 (en) | Resumable instruction generation | |
CN107844703B (zh) | 一种基于Android平台Unity3D游戏的客户端安全检测方法及装置 | |
US7036045B2 (en) | Method and system for isolating exception related errors in Java JVM | |
US20220335135A1 (en) | Vulnerability analysis and reporting for embedded systems | |
CN113419960B (zh) | 用于可信操作系统内核模糊测试的种子生成方法及系统 | |
CN115202670A (zh) | 应用批量发布方法、装置、电子设备及存储介质 | |
CN115220859A (zh) | 数据输入方式的监测方法、装置、电子设备和存储介质 | |
WO2020065778A1 (ja) | 情報処理装置、制御方法、及びプログラム | |
WO2008036665A2 (en) | Methods, media, and systems for detecting attack on a digital processing device | |
Kumar et al. | Android application memory leakage detection approach | |
CN113139190A (zh) | 程序文件检测方法、装置、电子设备及存储介质 | |
CN111259392A (zh) | 一种基于内核模块的恶意软件拦截方法及装置 | |
JP2005134995A (ja) | セキュリティ管理システム及びセキュリティ管理方法ならびにセキュリティ管理プログラム | |
CN117112047B (zh) | 一种usb设备的管控方法、设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1127423 Country of ref document: HK |
|
ASS | Succession or assignment of patent right |
Owner name: BEIJING RISING INTERNATIONAL TECHNOLOGY CO., LTD. Free format text: FORMER OWNER: BEIJING RISING INTERNATIONAL SOFTWARE CO., LTD. Effective date: 20100413 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 100080 ROOM 1305, ZHONGKE BUILDING, NO.22, ZHONGGUANCUN AVENUE, BEIJING CITY TO: 100190 ROOM 1301, ZHONGKE BUILDING, NO.22, ZHONGGUANCUN AVENUE, HAIDIAN DISTRICT, BEIJING CITY |
|
TA01 | Transfer of patent application right |
Effective date of registration: 20100413 Address after: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Applicant after: Beijing Rising Information Technology Co., Ltd. Address before: 100080, room 1305, Zhongke building, 22 Zhongguancun street, Beijing Applicant before: Beijing Rising International Software Co., Ltd. |
|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: GR Ref document number: 1127423 Country of ref document: HK |
|
C56 | Change in the name or address of the patentee | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee after: Beijing Rising Information Technology Co., Ltd Address before: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee before: Beijing Rising Information Technology Co., Ltd. |
|
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee after: Beijing net an Technology Limited by Share Ltd Address before: 100190 Beijing City, Haidian District Zhongguancun Street Branch No. 22 building, room 1301 Patentee before: Beijing Rising Information Technology Co., Ltd |