Abstract
The number of malwares has been consistently growing for several years and the working platform of them was diversified. To analyze these malwares, an analyst uses automated investigation tools as sandbox. However, current malwares apply the various techniques to avoid the detection of the sandbox. Especially, it is hard to be analyzed when the malicious behavior is triggered by user events. In this paper, we propose methods to enter malicious behavior routine in the sample malware codes, which is happened during the virtual execution in the sandbox in order to perform the analysis of malware. We design the methods as the user action event generator using fuzzing. The malicious behaviors triggered by the generator are exported to the sandbox report as API list. We show the result of the event generator.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
