Class:
Explanation:
On the left, it shows the classification result: the probability the target executable belongs to each class. It is computed based on which clusters of functions the target executable has a function that belongs to. Below, it shows the relevant clusters of functions to the classification result. They are ordered based on their contribution/importance to the result. The absolut contribution of a cluster is given and the percentage of it to the overall contribution is shown in pie chart. By clicking a cluster, the user will be redirected the position of the function in the target executable that belongs to the cluster in the Details page. In the Details page, the functions of the target executable is also sorted by their importance. A malware analyst is suggested to examine functions based on their importance.
Patterns related to the target executable:
Clusters ranked by contribution to the classification result:
Filters
Address Range
-
Zoom Level
-
Filter Functions
-
WARNING: using this filter will disable address pagination and it may be slow to search through all the functions.
- FILTER UNMATCHED FUNCTIONS
Filter Clusters