Research Article
A Malware and Variant Detection Method Using Function Call Graph Isomorphism
Table 2
Detection result of packed samples.
| Packer | notepad.exe | calc.exe | Original size (k) | Packed size (k) | Unpacked size (k) | Detection result | Original size (k) | Packed size (k) | Unpacked size (k) | Detection result |
| UPX | 65 | 49 | 124 | Yes | 112 | 55 | 163 | Yes | ASPack | 56 | 99 | Yes | 70 | 145 | Yes | FSG | 46 | 132 | Yes | 60 | 191 | Yes | MEW | 44 | 128 | Yes | 56 | 243 | No | PE-PACK | 37 | 96 | Yes | 45 | 143 | Yes | WinUPack | 44 | 160 | Yes | 52 | 215 | Yes | ASProtect | 369 | 69 | No | 373 | 114 | No | PackMan | 53 | 124 | Yes | 69 | 171 | Yes | PECompact | 49 | 112 | Yes | 56 | 159 | Yes |
|
|