Microsoft quietly launched an AI agent that can detect and reverse engineer malware
Researchers say the tool is already achieving the “gold standard” in malware classification
Microsoft has launched an autonomous agent for detecting malware – and it’s already completed a first-of-a-kind detection of an active hacking group.
Project Ire is an AI agent capable of reverse engineering software files to investigate whether they’re malicious and analyze their origins, even if they don’t match any previously-cataloged threats.
Powered by a combination of large language models (LLMs) and specialized cybersecurity analysis tools, the agent is intended to automate malware classification to ease cybersecurity analyst burnout.
In recent tests, Project Ire was exposed to known samples from a database hackers have used for living off the land attacks, alongside harmless Windows drivers.
The agent correctly flagged 90% of all files, with only a two percent false positive rate, confirming the malicious nature of files such as a kernel-level rootkit by identifying suspicious features like process termination and a web-connected command and control structure.
Microsoft researchers described its ability to blindly reverse engineer files as “the gold standard in malware classification”.
They added that Project Ire is the first reverse engineer at Microsoft to build a strong enough case against a specific advanced persistent threat (APT) malware strain to justify its automatic blocking in Windows Defender.
Sign up today and you will receive a free copy of our Future Focus 2026 report - the leading resource for IT decision-maker insight on priorities and investment areas in AI, security and more.
In a broader test, researchers exposed Project Ire to 4,000 files that were unclassified by Microsoft’s automated systems and would normally have to be reviewed by highly-skilled reverse engineers.
Project Ire achieved a precision score of 0.89, meaning 90% of the files it marked as malicious were indeed threats, alongside an overall recall score of 0.26 meaning it discovered around 25% of all the malware in the sample.
Microsoft noted the tool achieved these results autonomously, with none of the files it was exposed to having been present in its training data, adding that other autonomous tools made by Microsoft were unable to classify the files at all.
Project Ire was created as a joint project between Microsoft Research, Microsoft Defender Research, and Microsoft Discovery & Quantum.
Project Ire could shake up AI malware classification
Malware classification is a painstaking process, in which experts pore over hundreds or thousands of files to determine whether a given piece of software has a malicious purpose.
In the past it’s been nearly impossible to automate, as AI tools can’t easily reverse engineer files without their context. They also lack the ability to definitively validate whether a file is malicious, as specific features within software could have both malicious and benign purposes.
Microsoft has attempted to overcome these limitations through Project Ire by equipping it with multi-level reasoning capabilities and the ability to call open source tools, documentation, and decompilers via API calls.
Every time Project Ire analyzes a file, the agent first runs triage to classify it, note its structure, and capture any other details that could point to its purpose or origin.
It then reverse engineers the file’s control flow graph, a graphic representation of a program’s execution paths, using the open source frameworks angr and Ghidra.
Project Ire can then call specific tools via an API to investigate specific functions within the file, adding each finding to an auditable chain of evidence that human analysts can check afterward to validate the LLM’s findings.
It is capable of periodically cross-checking its own claims using a built-in ‘validator’ tool, which uses expert statements from human malware reverse engineers who helped build Project Ire as context for making a final call for whether the file is malicious or benign.
This is then summarized in a final report for analyst oversight.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.
In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.
-
ITPro is 20!We take a look back on the past two decades since ITPro launched...
-
Cyber experts issue alert after two ransomware groups team up on ‘unprecedented’ threat campaignNews The tie-up includes a new model of industrialized ransomware deployment that significantly lowers the barrier to entry for cyber crime
-
Opera browser thinks it has the solution to stopping ClickFix malware attacksNews The browser company is targeting a growing source of malicious links with its new Paste Protect feature
-
‘Every hour ransomware goes undetected drastically increases its potential blast radius’: Hackers are breaching networks and laying low for longer – and nearly half of firms don’t realize until data is stolenNews An ExtraHop survey found more intrusions are going undetected, leading to longer dwell times
-
‘Hacking groups have the transport network firmly in their sights’: Network Rail is battling a torrent of cyber threatsNews FoI requests have revealed that the rail operator is under increasing attack, as cyber criminals set their sights on the transport sector
-
‘This operation marked a shift in strategy’: Three notorious malware networks have been taken down using RICO legislationNews The action involved the use of US racketeering laws to treat two malware families as part of a single conspiracy
-
Three quarters of firms have halted AI projects over safety and security concerns – and cyber pros think things will deteriorate as models like Claude Mythos improveNews AI has become a leading problem for enterprise security teams, they can't automate their way out of trouble
-
OpenAI expands 'Daybreak' cyber program: New tools, partnerships, and a cyber-focused GPT-5.5 aim to help 'patch the world'News The company has added new tools, signed up partners, and released its GPT-5.5-Cyber model more widely
-
IT teams are bullish on AI tools, but they’re worried security practices can’t keep paceNews Executives and IT teams are at odds over the risks associated with AI adoption
-
Hackers are capitalizing on AI hype to ramp up social engineering attacks – and they're using big brands like Anthropic, OpenAI, and DeepSeek as ‘bait’ to lure victimsNews Microsoft says cyber criminals are impersonating popular AI platforms to deliver malware