EPS
← All batches·2605.21821

A Large Language Model Approach to Generating Bypass Rules for Malware Evasion in Analysis Sandbox

topic: current_projecttop score: 100released: 2026-05-22first surfaced: 2026-05-22arXivPDFlinked_to_results2026-05-22

Authors: Zhiyong Sui, Lamine Noureddine, Mst Eshita Khatun et al.

arXiv · PDF

Summary

arXiv:2605. 21821v1 Announce Type: new Abstract: Sandbox evasion remains a critical challenge for automated malware analysis, as modern malware employs environment checks to detect analysis platforms and suppress malicious behavior.

Relevance

Read next because A Large Language Model Approach to Generating Bypass Rules for Malware Evasion in Analysis Sandbox overlaps with clean result "Leakage rate is a usable signal for recovering trigger-shaped phrases on Gaperon-1125-1B without knowing the hidden trigger itself (MODERATE confidence)", clean result "Language-mismatch LoRA SFT on Qwen2.5-7B leaks the trained completion language into bystander directives the model was never trained on, absent under same-language SFT (LOW confidence)", clean result "Only continuous soft prefixes hit both EM axes at once on Qwen-2.5-7B-Instruct: discrete prompt searches split between the alignment objective and the distributional objective, and both discretizations of the soft prefix collapse (MODERATE confidence)". Matching terms: class, eval, line, rate, compare, language, model. Source: arxiv cs.CR (Cryptography and Security).

Abstract

arXiv:2605.21821v1 Announce Type: new Abstract: Sandbox evasion remains a critical challenge for automated malware analysis, as modern malware employs environment checks to detect analysis platforms and suppress malicious behavior. Existing approaches rely on manually crafted bypass rules that require deep reverse engineering of each evasion mechanism -an approach that cannot scale against rapidly evolving evasion techniques. In this paper, we leverage large language models (LLMs) to automatically generate YARA rules that bypass evasion checks in sandbox environments. We propose ABLE, which analyzes execution traces from malware terminated due to potentially evasive behavior and employs multiple reasoning strategies to generate targeted bypass rules. To address syntactic errors and improve the efficacy of the bypass rules in the LLM outputs, we introduce an auto-sanitization pipeline and feedback-driven iterative refinement. We evaluate ABLE on 334 real-world malware samples across four open-weight LLMs. ABLE achieves a 79% bypass success rate, with iterative refinement contributing 29.5% of successful cases. Compared to existing analysis platforms, ABLE identifies 47% more malware family classifications and exposes previously hidden behaviors.