System and method for detecting file altering behaviors pertaining to a malicious attack

US9846776B1 · US · B1

Patent metadata
Publication number: US-9846776-B1
Application number: US-201615339459-A
Country: US
Kind code: B1
Filing date: Oct 31, 2016
Priority date: Mar 31, 2015
Publication date: Dec 19, 2017
Grant date: Dec 19, 2017

Abstract

Official abstract text for this publication.

According to one embodiment, a computerized method for detecting malware is described. The method includes receiving configuration information that identifies (i) at least one type of lure data and (ii) one or more locations of a system operating within a virtual machine for placement of the lure data into the system. The lure data is configured to entice interaction of the lure data by malware associated with an object under analysis. Thereafter, the lure data is placed within the system according to the configuration information and lure data information is selectively modified. The information may include a name or content within a directory including the lure data. During processing of an object within the virtual machine, a determination is made whether the object exhibits file altering behavior based on a comparison of actions performed that are associated with the lure data and one or more known file activity patterns.

First claim

Opening claim text (preview).

What is claimed is:

1. A system comprising: one or more processors; and a storage module communicatively coupled to the one or more processors, the storage module comprising logic that, upon execution by the one or more processors, performs operations comprising: receiving configuration information that identifies at least one or more locations of a system operating within a virtual machine for placement of lure data in the system, the lure data being configured to entice interaction of the lure data by malware associated with an object under analysis, placing the lure data within the system according to the configuration information, subsequent to placing the lure data within the system, selectively modifying information associated with the lure data, processing the object within the virtual machine, and determining whether the object exhibits one or more behaviors that alter the lure data or a portion of the system based on a comparison of one or more actions performed while processing the object that are associated with the lure data and one or more patterns that represent one or more changes to the system associated with the lure data caused by known malware.

2. The system of claim 1, wherein the placing of the lure data within the system comprises generating one or more lure files according to the configuration information and placing a lure file of the one or more lure files into the one or more locations of a file system being the system configured at least for data storage.

3. The system of claim 2, wherein the selectively modifying the information associated with the lure data comprises modifying a name of the lure file.

4. The system of claim 2, wherein the selectively modifying the information associated with the lure data comprises modifying content of (i) a directory within the file system, (ii) the content includes a sub-directory, (iii) a folder, or (iv) a file located within the directory.

5. The system of claim 2, wherein the logic further performs the operations including analyzing the configuration information including a lure configuration file and determining (i) a number of lure files to be generated, (ii) a type of each lure file of the one or more lure files, (iii) characteristics of each lure file of the one or more lure files, and (iv) a location in the file system for each of the one or more lure files.

6. The system of claim 2 further comprising: prior to processing the object received from a network, capturing a snapshot of a state of the file system including the lure data having the selectively modified information.

7. The system of claim 6, wherein determining whether the object exhibits file altering behavior includes a comparison of the state of the file system captured in the snapshot and a state of the file system after beginning processing the object.

8. The system of claim 1, wherein the configuration information is part of a lure configuration file that includes configuration information associated with one or more lure files being part of the lure data and information associated with placement of the one or more lure files in the system operating as a file system.

9. The system of claim 1, wherein the selectively modifying of the information associated with the lure data comprises adding one or more characters to a name assigned to the lure data.

10. The system of claim 9, wherein the name of the lure data is modified into a pseudo-random name.

11. The system of claim 1, wherein the logic, prior to placing the lure data within the system, performs an operation of configuring the system to replicate a file system of a particular endpoint device.

12. The system of claim 1, wherein the system corresponds to one of a disk file system, an optical disk file system, a flash file system, or a database file system.

13. The system of claim 1, wherein the lure data includes a lure file with one or more security measures being utilized to appear that contents of the lure file are being protected, the one or more security measures include encryption or password protection.

14. The system of claim 1, wherein the configuration information further includes at least one attribute of the lure data.

15. The system of claim 14, wherein the selectively modifying the information associated with the lure data comprises modifying an attribute of the at least one attribute of the lure data.

16. The system of claim 14, wherein the lure data is a lure file and the at least one attribute includes a name of the lure file.

17. A non-transitory computer readable medium that is executed by one or more hardware processors, the medium comprising: a virtual machine installed with a file system, a configuration file, and one or more lure files; a first software module that, upon execution by the one or more hardware processors, selectively modifies information associated with a lure file of the one or more lure files; a second software module that, upon execution by the one or more hardware processors, processes an object received from a network within the virtual machine; and a third software module that, upon execution by the one or more hardware processors, determines the object includes file altering malware when one or more actions performed while processing the object that are associated with the lure file match a known pattern.

18. The non-transitory computer readable medium of claim 17, wherein the first software module to selectively modify the information associated with the lure file by at least modifying a name of the lure file.

19. The non-transitory computer readable medium of claim 17, wherein the first software module to selectively modify the information associated with the lure file by at least modifying content of a directory within the file system, the content includes one of a sub-directory, a folder or a file located within the directory.

20. The non-transitory computer readable medium of claim 17, wherein the configuration file being used by the one or more hardware processors to determine (i) a number of lure files to be generated, and (ii) a location in the file system for each of the one or more lure files.

21. The non-transitory computer readable medium of claim 20, wherein the configuration file being further used by the one or more hardware processors to determine (iii) a type of each lure file of the one or more lure files, and (iv) characteristics of each lure file of the one or more lure files.

22. The non-transitory computer readable medium of claim 17 further comprising: a snapshot of a state of the file system including the lure file having the selectively modified information.

23. The non-transitory computer readable medium of claim 22, wherein the third software module, upon execution by the one or more hardware processors, determines the object includes file altering malware upon a comparison of the state of the file system captured in the snapshot and a state of the file system after beginning processing of the object.

24. A computerized method, comprising: receiving configuration information that identifies at least one or more locations of a system configured at least for data storage that is operating within a virtual machine for placement of the lure data into the system, the lure data being configured to entice interaction of the lure data by malware associated with an object under analysis; placing the lure data within the system according to the configuration infor
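A compact simulation of the claimed cycle (lure files placed from a configuration, given pseudo-random names, a snapshot taken, the object processed, and the two snapshots compared against known change patterns restricted to the lure paths), added here as an illustration; it is not FireEye's implementation and not code from the patent. The in-memory dict standing in for the virtual machine's file system, the lure configuration, the pattern set and the simulated object are all constructed assumptions.

```python
import hashlib
import secrets
# Constructed lure configuration (claim 5): count, type, location, content.
LURE_CONFIG = [
    {"count": 2, "ext": ".docx", "dir": "C:/Users/alice/Documents", "content": b"quarterly report"},
    {"count": 1, "ext": ".xlsx", "dir": "C:/Users/alice/Desktop", "content": b"budget 2016"},
]

def generate_lures(config, fs):
    """Place lure files per config under pseudo-random names (claims 9-10)."""
    lures = []
    for e in config:
        for _ in range(e["count"]):
            lures.append(f"{e['dir']}/{secrets.token_hex(4)}{e['ext']}")
            fs[lures[-1]] = e["content"]
    return lures

def snapshot(fs):
    """Claim 6: file-system state as path -> SHA-256 of content."""
    return {p: hashlib.sha256(c).hexdigest() for p, c in fs.items()}

def _renamed(before, after, p):
    # Original path gone but a path extending it (e.g. '<p>.locked') appeared.
    return p not in after and any(q != p and q.startswith(p) for q in after)

# Known patterns of change to a lure (claims 1, 7): predicates over (before, after, lure path).
PATTERNS = {
    "content_altered": lambda b, a, p: p in a and b[p] != a[p],
    "renamed_with_new_extension": _renamed,
    "deleted": lambda b, a, p: p not in a and not _renamed(b, a, p),
}

def detect_file_altering(before, after, lures):
    """Compare snapshots restricted to lure paths; non-lure changes are ignored."""
    return [(p, name) for p in lures for name, pred in PATTERNS.items()
            if pred(before, after, p)]

def analyze(config, run_object):
    """Seed a normal file, place lures, snapshot, run the object, snapshot again, compare."""
    fs = {"C:/Users/alice/Documents/notes.txt": b"todo"}  # constructed non-lure file
    lures = generate_lures(config, fs)
    before = snapshot(fs)
    run_object(fs)  # the object under analysis (simulated below)
    return detect_file_altering(before, snapshot(fs), lures)

def simulated_encrypting_object(fs):
    """Constructed file-altering object: transforms every .docx/.xlsx, appends '.locked'."""
    for path in list(fs):
        if path.endswith((".docx", ".xlsx")):
            fs[path + ".locked"] = bytes(b ^ 0x5A for b in fs.pop(path))
```

Because the comparison is restricted to the lure paths, an object that edits only the user's own notes file produces no hits, while one that transforms and renames the lures matches the rename pattern for each of them.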

Assignees

Fireeye Inc

Inventors

Classifications

  • File name conversion
  • G06F21/566 (primary): Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
  • Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
  • Details of file system snapshots on the file-level, e.g. snapshot creation, administration, deletion (error detection or correction of the data by redundancy in operations or in hardware G06F11/14, G06F11/16)
  • Protect user input by software means

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Fireeye Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/566. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 19, 2017 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).