Monday, July 19, 2010

Rerunning samples

We'll be rerunning our entire sample database over the next few days to collect more information on embedded EXE's for a upcoming enhancement to the search page, there might be some extra long processing times for new samples (don't worry we'll still prioritize new samples to run before old ones), and some existing samples will show as queued/running temporarily.

Behind the scenes we've developed 6 different cryptanalysis techniques for detecting embedded executables, we'll be testing all the methods to determine the most effective and efficient one(s). You may have noticed some clean samples taking a while to run, we've been sequentially exhaustively searching with various techniques to locate embedded executables, a key indicator for a malicious document.

No comments:

Post a Comment