Dynamic Unpacking

The WildFire public cloud now unpacks and deobfuscates files that have been encoded using custom and open source file compression or packing tools. This provides improved coverage by analyzing files that might have previously dropped as a result of code obfuscation. No additional configuration is required to analyze files using dynamic unpacking; it is automatically performed based on file characteristics detected by WildFire.
Additional information about dynamic unpacking:
  • WildFire analysis results for files that are decompressed using dynamic unpacking are shown under the static analysis heading of the WildFire Analysis Report. The following example shows two new behaviors associated with dynamic unpacking.
  • Dynamic unpacking does not have an analysis platform number, as it uses a combination of static and dynamic analysis.
  • Dynamic unpacking behaviors are listed under the Suspicious File Properties heading of the WildFire Analysis Report.

Recommended For You