Large scale Malware analysis

Resumo

Malware overview reports are valuable information to understand threats behavior and develop proper countermeasures. Currently, most of these studies are focused on either fine-grained, individual sample analysis or coarse-grained landscapes. On the one hand, only the first allows professionals to handle specific security breaches. On the other hand, only the second allows understanding threat scenario as a whole. We claim that a complete security treatment is only possible when combining both approaches. Therefore, this work presents an analysis of a large malware dataset, showing the distinctions between coarse-grained and fine-grained analysis results. It presents both a general threat scenario based on coarse-grained results as well as it details fine-grained results to identify particular malicious constructions to anticipate incident response of future threats.