Hackers of India

Malware clustering using unsupervised ML: CalMal

 Himanshu Anand 

2024/04/19

Abstract

CalMal uses unsupervised machine learning to categorise and cluster malware based on its behaviour. Currently, CalMal uses data from VirusTotal. It provides the following functionality:

  1. Clustering different malware families.
  2. Identifying similarities with any APT malware.
  3. Identifying new samples.
  4. Providing visual clustering.

It can easily be extended to use data from any sandbox.