Microsoft Corporation
MALWARE DETONATION

Abstract:

A system to detonate malware received from a delegated access link provided to a user is disclosed. An application is received via a delegated access link provided to the user. A verdict is determined on the delegated access link. If the verdict on the delegated access link is unknown the application is opened in a laboratory user based on the user, and activities of the application are monitored. A verdict on the delegated access link is determined based on whether monitored activities include suspicious activities.