This deliverable is a final report on the experimental results obtained by using structural
features to characterize executable code. It discusses and evaluates a number of tech-
niques, based on these features, that have been developed in the context of the wombat
project, and aim to provide a deeper understanding of malicious code and of the relations
between malicious code samples.
features to characterize executable code. It discusses and evaluates a number of tech-
niques, based on these features, that have been developed in the context of the wombat
project, and aim to provide a deeper understanding of malicious code and of the relations
between malicious code samples.