Inspiration
Malware analysis today is slow, manual, and fragmented. Cybersecurity analysts spend hours switching between tools, interpreting behavior, and piecing together risk while threats evolve in real time. We wanted to compress that entire workflow into minutes.
What it does
We built an AI-powered malware analysis and triage platform that acts like a coordinated team of security experts. With a single file upload, our system identifies the malware, analyzes its behavior, maps it to MITRE ATT&CK techniques, evaluates risk, and generates clear, actionable remediation steps.
How we built it
- We used Docker as a sandbox environment to safely run static and dynamic analysis with tools like YARA, pefile, and JavaScript instrumentation
- We created and deployed AI agents to handle ingestion, classification, MITRE mapping, remediation, and report generation
- We optimized our platform to execute agents in parallel to speed up analysis, and used self-correction loops to improve accuracy
- We deliver real-time results through an intuitive dashboard combining a FastAPI backend with a Next.js frontend
Challenges we ran into
- We attempted to use VirtualBox initially but, due to system storage constraints, pivoted to the E2B API, which has its own virtual box. In this process, we swapped to Linux, which had limited capabilities in comparison to Windows, preventing the program from running.
- Another challenge we faced was effectively using concurrency to ensure our agents don't time out.
Accomplishments that we're proud of
Our system successfully analyzed a JavaScript malware sample end to end, automatically identifying it as a Trojan Downloader with severity 9/10, mapping MITRE ATT&CK techniques including T1059.007 (JavaScript Execution), T1071.001 (Web Protocols C2), and T1027 (Obfuscated Files), generating a real YARA detection rule, and producing a prioritized remediation plan, all within 2 minutes. The provided NextEra sample was quarantined by Windows Defender during the hackathon, which itself validates our platform's threat detection approach.
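As an added, self-contained illustration of the static triage stage described above (example code, not the project's own): a stdlib-only Python stage that runs YARA-style string heuristics over a constructed, inert JavaScript downloader stub, maps hits to the three ATT&CK techniques named in the write-up, scores severity, and emits a YARA rule from the matched strings. The regex patterns, the weights, the 0-10 scale, and the sample itself are assumptions made for this example.

```python
import re

# Constructed sample: a tiny obfuscated JavaScript downloader *stub* (inert, not real
# malware) that carries the indicators the static stage looks for. Hypothetical.
SAMPLE_JS = b"""
var u = "http://198.51.100.7/update.php";
var x = new ActiveXObject("MSXML2.XMLHTTP");
eval(unescape("%76%61%72%20%61%3d%31"));
var s = String.fromCharCode(87, 83, 99, 114, 105, 112, 116);
new ActiveXObject("WScript.Shell").Run(u);
"""

# Static heuristics: regex -> (ATT&CK technique from the write-up, label, weight).
# The weights and the 0-10 severity scale are our own assumption for this example.
INDICATORS = [
    (r"WScript\.Shell|ActiveXObject", "T1059.007", "JavaScript execution", 4),
    (r"MSXML2\.XMLHTTP|XMLHttpRequest|https?://[^\"'\s]+", "T1071.001", "Web protocols C2", 3),
    (r"\beval\s*\(|\bunescape\s*\(|String\.fromCharCode", "T1027", "Obfuscated files", 2),
]

def triage(sample: bytes) -> dict:
    """Run the YARA-style string heuristics and map hits to ATT&CK techniques."""
    text = sample.decode("latin-1")
    techniques = {}
    for pattern, tid, label, weight in INDICATORS:
        hits = sorted({m.group(0) for m in re.finditer(pattern, text)})
        if hits:
            techniques[tid] = {"label": label, "weight": weight, "strings": hits}
    severity = min(10, sum(t["weight"] for t in techniques.values()))
    if {"T1059.007", "T1071.001"}.issubset(techniques):
        verdict = "Trojan Downloader"      # executes script AND fetches over HTTP
    elif techniques:
        verdict = "Suspicious script"
    else:
        verdict = "No static indicators"
    return {"verdict": verdict, "severity": severity, "techniques": techniques}

def yara_rule(name: str, report: dict) -> str:
    """Emit a YARA rule from the matched strings, tagged with the technique each came from."""
    lines, n = [], 0
    for tid, t in sorted(report["techniques"].items()):
        for s in t["strings"]:
            esc = s.replace("\\", "\\\\").replace('"', '\\"')   # YARA string escaping
            lines.append(f'        $s{n} = "{esc}"  // {tid}')
            n += 1
    return (f"rule {name}\n{{\n    meta:\n        verdict = \"{report['verdict']}\"\n"
            f"        severity = \"{report['severity']}\"\n    strings:\n" + "\n".join(lines)
            + "\n    condition:\n        3 of ($s*)\n}")
```

Call `yara_rule("js_downloader_triage", triage(SAMPLE_JS))` to get a rule that can be loaded by YARA as-is.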
What we learned
We learned how powerful agent orchestration can be for complex, multi-step problems like cybersecurity. More importantly, we realized that the real value isn't just detection; it's delivering fast, understandable, and actionable intelligence when it matters most.
What's next for Use Protechtion
- Integrate the GDB debugger
- Pivot back to the Windows VirtualBox
- Stream the Windows VM onto the frontend platform
Built With
- claude
- docker
- e2b
- fastapi
- gemini
- linux
- node.js
- next.js
- python
- typescript
- virustotal
- websockets