“…Features that are commonly gleaned from a static analysis of malware include Portable Executable (PE) header metadata such as Dynamic Link Library (DLL) [21] and API calls [28], bytes sequences (or n-grams) [21,14,29], Operational Codes (OpCodes) [19,22,24], strings [21,25,12], and function length and function length frequency [26]. Strings-based techniques were shown to achieve high detection and classification accuracy compared to PE and n-grams based techniques [21,25].…”