US 11,755,728 B2
Systems, methods, and media for analyzing structured files for malicious content
Qiang Liu, Fremont, CA (US); Chong Xu, Sunnyvale, CA (US); Praveen Kumar Amritaluru, Chennai (IN); and Mayank Bhatnagar, Bangalore (IN)
Assigned to McAfee, LLC, San Jose, CA (US)
Filed by McAfee, LLC, San Jose, CA (US)
Filed on Feb. 4, 2021, as Appl. No. 17/167,895.
Claims priority of application No. 202011053429 (IN), filed on Dec. 8, 2020.
Prior Publication US 2022/0179953 A1, Jun. 9, 2022
Int. Cl. G06F 21/55 (2013.01)
CPC G06F 21/554 (2013.01) [G06F 2221/033 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A system for analyzing a structured file which is not known to be free of or contain malicious content for malicious content, comprising:
a memory; and
at least one hardware processor that is coupled to the memory and configured to:
parse the structured file into a plurality of portions;
select a selected portion of the plurality of portions;
check the selected portion to determine if at least one pre-condition is met,
wherein the at least one pre-condition is the selected portion having one of a given name, a given file extension, and a given file type; and
in response to determining that the at least one pre-condition is met:
decode the selected portion to form a decoded portion; and
check the decoded portion to determine if it is malicious.