Malware Analysis
MalwarePT: A Robust Binary-Level Foundation Model for Malware Analysis
In our paper, “MalwarePT: A Robust Binary-Level Foundation Model for Malware Analysis,” we introduce MalwarePT, a novel foundation model designed to enhance malware analysis by addressing key limitations of existing machine learning (ML) approaches.
Saastha Vasan, Yuzhou Nie, Kaie Chen, Yigitcan Kaya, Hojjat Aghakhani, Wenbo Guo, Christopher Kruegel, Giovanni Vigna
DeepCapa: Identifying Malicious Capabilities in Windows Malware
DeepCapa is an automated post-detection framework that identifies potentially malicious capabilities in malware and maps each capability to the code that implements it. It proposes a novel feature-engineering approach that statically extracts API-call sequences from multiple memory snapshots taken during a sample’s dynamic execution. Combining snapshots gives more comprehensive code coverage than a single run and counters anti-sandbox techniques that suppress behaviour in a live trace. DeepCapa also proposes a neural network architecture that not only detects capabilities accurately but also provides interpretable detections.
Saastha Vasan, Hojjat Aghakhani, Stefano Ortolani, Roman Vasilenko, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna
Malware Analysis 5: Sepsis Ransomware
Basic Information
Name: Sepsis Ransomware
SHA256: 3c7d9ecd35b21a2a8fac7cce4fdb3e11c1950d5a02a0c0b369f4082acf00bf9a
SHA-1: 518d5a0a8025147b9e29821bccdaf3b42c0d01db
MD5: 1221ac9d607af73c65fd6c62bec3d249
File Type: Win32 EXE
Detection: According to the VirusTotal analysis report, the detection rate of the sample is 57/70.
Nov 10, 2019
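The "Basic Information" block above (three hashes plus a file type) is what a first-pass triage script produces before any manual analysis starts. The following is an added example, not code from the original post: it hashes a sample with MD5, SHA-1 and SHA256 and derives the coarse file type by parsing the DOS header's e_lfanew pointer and the COFF header's Machine and Characteristics fields, with bounds checks so a truncated or malformed header cannot raise. The sample bytes are constructed inline (a minimal MZ/PE header, no real code) so the script runs offline; the function and variable names are the example's own.

```python
import hashlib
import struct

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
IMAGE_FILE_DLL = 0x2000  # Characteristics flag distinguishing DLL from EXE


def classify_pe(data: bytes) -> str:
    """Coarse file type from the DOS and COFF headers only.

    Returns 'Win32 EXE' / 'Win64 DLL' etc. for well-formed PE headers, and a
    descriptive string otherwise. Deliberately does not trust any offset
    without checking it lies inside the buffer.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "not a PE file"
    # e_lfanew (offset 0x3C) points at the 'PE\0\0' signature.
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # Need signature (4) + COFF header (20) bytes past e_lfanew.
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "MZ header without valid PE signature"
    machine = struct.unpack_from("<H", data, e_lfanew + 4)[0]
    characteristics = struct.unpack_from("<H", data, e_lfanew + 22)[0]
    arch = {IMAGE_FILE_MACHINE_I386: "Win32", IMAGE_FILE_MACHINE_AMD64: "Win64"}.get(machine)
    if arch is None:
        return f"PE, unknown machine 0x{machine:04x}"
    kind = "DLL" if characteristics & IMAGE_FILE_DLL else "EXE"
    return f"{arch} {kind}"


def basic_info(data: bytes, name: str) -> dict:
    """Produce the same fields as the write-up's Basic Information block."""
    return {
        "Name": name,
        "SHA256": hashlib.sha256(data).hexdigest(),
        "SHA-1": hashlib.sha1(data).hexdigest(),
        "MD5": hashlib.md5(data).hexdigest(),
        "File Type": classify_pe(data),
    }


def build_fake_pe(machine: int, characteristics: int = 0) -> bytes:
    """Constructed sample: 0x80 zero bytes with an MZ stub whose e_lfanew
    points at a PE signature and COFF header at offset 0x40. Not executable."""
    buf = bytearray(0x80)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x44, machine)
    struct.pack_into("<H", buf, 0x40 + 22, characteristics)
    return bytes(buf)


if __name__ == "__main__":
    for field, value in basic_info(build_fake_pe(IMAGE_FILE_MACHINE_I386), "constructed-sample.exe").items():
        print(f"{field}: {value}")
```

For a real sample, replace the constructed buffer with the file's bytes read in binary mode; the hashes are what you would submit to or search on VirusTotal, and the header parse is a sanity check that the sample is the architecture the sandbox expects before spending time on dynamic analysis.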