Introducing SecureWoof, an AI-driven malware scanner that offers a dependable and efficient approach to detecting and analyzing potentially harmful executable files. SecureWoof combines several techniques and open-source libraries to accomplish this. When a user uploads an executable file, SecureWoof runs it through a series of steps to assess its safety.
Initially, the tool checks the file against a set of static YARA rules, identifying any known patterns or signatures linked to malicious code. Following this, the file is unpacked using the widely recognized RetDec unpacker, so that packed or compressed executables can be analyzed in their unpacked form.
Once unpacked, the file is decompiled into a single C file using Ghidra, the open-source reverse-engineering framework. This step lets the tool analyze the structure and content of the recovered code. To further refine the analysis, the decompiled code is normalized with clang-tidy, a tool that enforces code quality and consistent coding conventions.
For a deeper analysis, the decompiled code is then embedded using FastText, a library that captures the semantic context of the code as vector representations. Finally, the code is evaluated for malicious characteristics by a trained RoBERTa transformer network.
The RoBERTa and FastText models integrated into SecureWoof have been trained on the SOREL-20M malware dataset, which improves their ability to accurately identify and classify potential threats in uploaded files.
SecureWoof stands as a powerful solution, leveraging its intelligent scanning capabilities to empower users with an advanced approach for proactively addressing cybersecurity risks associated with executable files.