The continued growth in the number and complexity of malware is a well-established fact. Malware is no longer a simple piece of code that relies on unsuspecting users to spread and thrive. It can change, adapt and hide itself from analysts, using very sophisticated techniques. Static analysis is complex and time-consuming, and it can be difficult to deduce every possible malicious behaviour, yet it is often very effective because it hinders the capability of malware to detect the analysis environment.

Using the results obtained from the project, the purpose of this work is to provide valuable assistance to the static analysis phase, supporting analysts in their exploration of code features by letting them make more focused, statistically motivated and structured decisions. Malware is becoming more complex day by day and uses tons of methods to evade detection. Knowing which evasion technique is the most used could be interesting and time-saving in malware research. Statistics are also effective for evaluating how the threat rate evolves over time; in other words, studying how techniques evolve over time and how "known evasion techniques" are evolving is interesting as well.

Actually, no dynamic pipeline has been implemented; the malware samples are taken from private repositories as well as public ones such as:


Marco Ramilli is a CyberSecurity Expert with an intensive white hat hacking background. Marco has been working with the US Government (National Institute of Standards and Technology, Security Division) and collaborates closely with the University of California, Davis (Security Labs) on new security paradigms, penetration testing methodologies, electronic voting systems' security and Malware. Marco had recently found his calling at Palantir Technologies, where he had assisted in the development of a platform for making sense of big data in fields such as law enforcement, intelligence and public health. Marco is a malware writer now focused on SCADA Systems. Marco has contributed to numerous open source projects regarding Cyber Security and Cyber Intelligence. Marco is now the CTO at YOROI SRL, a brand new security managed service provider, introducing new technologies to Cyber Security. Specialties: Software Security, Hacking Techniques, Hacking Methodologies, Security Engineering, Ethical Hacking, Penetration Testing, Malware, APTA.

For updated information, please refer to:

Powered by Marco Ramilli