MALLEVEL

MALLEVEL Prediction of PEs

Model Used: XGBoost

Confusion Matrix Statistics
Training Accuracy: 98.68%
Testing Accuracy: 98.57%
False Positive Rate: 1.55%
False Negative Rate: 1.29%
Dataset columns: filename, isSigned, isPacked, MajorLinkerVersion, MinorLinkerVersion, SizeOfUninitializedData, ImageBase, FileAlignment, MajorOperatingSystemVersion, MajorImageVersion, MinorImageVersion, MajorSubsystemVersion, SizeOfImage, SizeOfHeaders, CheckSum, Subsystem, DllCharacteristics, SizeOfStackReserve, SizeOfHeapReserve, NumberOfSections, e_cblp, e_lfanew, SizeOfRawData, Characteristics, Misc, BaseOfData, inject_thread, create_process, persistence, hijack_network, create_service, create_com_service, network_udp_sock, network_tcp_listen, network_dyndns, network_toredo, network_smtp_dotNet, network_smtp_raw, network_smtp_vb, network_p2p_win, network_tor, network_irc, network_http, network_dropper, network_ftp, network_tcp_socket, network_dns, network_ssl, network_dga, bitcoin, certificate, escalate_priv, screenshot, lookupip, dyndns, lookupgeo, keylogger, cred_local, sniff_audio, cred_ff, cred_vnc, cred_ie7, sniff_lan, migrate_apc, spreading_file, spreading_share, rat_vnc, rat_rdp, rat_telnet, rat_webcam, win_mutex, win_registry, win_token, win_private_profile, win_files_operation, Str_Win32_Winsock2_Library, Str_Win32_Wininet_Library, Str_Win32_Internet_API, Str_Win32_Http_API, ldpreload, mysql_database_presence, suspicious_dbgts, family