Malware, short for “malicious software,” is software that can be used to disrupt computer operations, damage data, gather sensitive information, or gain access to private computer systems without the user's knowledge or consent. Examples of such malware include software viruses, trojan horses, rootkits, ransomware etc. A common mechanism used by malware developers is to embed the malware into a file that is made to appear desirable to user, or is downloaded and executed when the user visits a web site. For example, malware may be embedded into a software application that appears legitimate and useful. The user downloads the file, and when the file is opened, the malware within the file is executed.
In the face of the growing threat of malware, many anti-malware software packages were developed to detect malware in a user's files. In order to detect malware in program files, it can be useful to run the program and determine the program's behavior. However, the number of program files that can be candidates for analysis can be in the millions or tens of millions of files. Analyzing such a large number of files using conventional methods can be impractical given the resources and time required to undertake such an analysis.