With the continuous evolution of the Windows operating system, malware-especially those based on Portable Executable (PE) files-has become increasingly sophisticated. Recent studies have widely adopted artificial intelligence (AI), particularly deep learning (DL) models, for malware detection. Among these, approaches focusing on API function analysis have shown their potential, but often overlook additional contextual information. In this work, we propose a Windows malware detection framework that uses the API function information as the primary feature, enhanced by graph-based representations and BERT-based embeddings derived from API descriptions. We analyze function names and their associated parameters and design a multimodal architecture that integrates multiple model branches for improved detection. Extensive experiments across various embedding methods and API configurations demonstrate the effectiveness of our approach. The results confirm its ability to comprehensively analyze API-related data and its potential for real-world malware detection.
