CPC G06F 21/554 (2013.01) [G06F 2221/033 (2013.01)] | 17 Claims
1. A system for analyzing a structured file which is not known to be free of or contain malicious content for malicious content, comprising:
a memory; and
at least one hardware processor that is coupled to the memory and configured to:
parse the structured file into a plurality of portions;
select a selected portion of the plurality of portions;
check the selected portion to determine if at least one pre-condition is met,
wherein the at least one pre-condition is the selected portion having one of a given name, a given file extension, and a given file type; and
in response to determining that the at least one pre-condition is met:
decode the selected portion to form a decoded portion; and
check the decoded portion to determine if it is malicious.
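The claimed flow (parse, select, pre-condition check, decode, maliciousness check) as an added example that is not taken from the patent. It assumes a ZIP archive as the structured file, base64 as the encoding, and a constructed marker string in place of a real detection engine; the names `NAMES`, `EXTENSIONS`, `MARKER` and the sample members are hypothetical.

```python
import base64
import binascii
import io
import posixpath
import zipfile

# Assumptions, not from the claim: ZIP as the structured format, base64 as the
# encoding, and a constructed marker standing in for a real detection engine.
NAMES = {"manifest"}
EXTENSIONS = {".bin", ".dat"}
MARKER = b"CONSTRUCTED-TEST-MARKER"

def precondition_met(name):
    """Pre-condition: the portion has a given name or a given file extension."""
    base = posixpath.basename(name)
    return base in NAMES or posixpath.splitext(base)[1].lower() in EXTENSIONS

def decode_portion(raw):
    """Strict base64 decode; None when the portion is not valid base64."""
    try:
        return base64.b64decode(raw, validate=True)
    except (binascii.Error, ValueError):
        return None

def analyze(structured_file):
    """Map each portion to skipped, undecodable, clean or malicious."""
    verdicts = {}
    with zipfile.ZipFile(io.BytesIO(structured_file)) as archive:
        for info in archive.infolist():  # the parsed portions
            if not precondition_met(info.filename):
                verdicts[info.filename] = "skipped"  # never decoded or checked
                continue
            decoded = decode_portion(archive.read(info))
            if decoded is None:
                verdicts[info.filename] = "undecodable"
            else:
                verdicts[info.filename] = "malicious" if MARKER in decoded else "clean"
    return verdicts

def build_sample():
    """Constructed sample archive, built in memory so the example runs offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("readme.txt", base64.b64encode(MARKER))
        z.writestr("data/payload.bin", base64.b64encode(b"xx" + MARKER))
        z.writestr("data/table.dat", base64.b64encode(b"harmless"))
        z.writestr("data/raw.dat", b"\x00\x01 not base64")
        z.writestr("manifest", base64.b64encode(b"version 1"))
    return buf.getvalue()
```

The `readme.txt` member carries the marker but is reported as skipped, which shows the coverage trade-off of gating the decode step on a pre-condition.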