How should we automate malware fingerprinting and feature extraction?
Should we automatically run things like strings and make the output searchable?
Should we automatically look for data like URLs, domain names, and IP addresses that make up the network fingerprint? Should we do more detailed analysis on connect() calls and such?
How can we automate some of the static analysis like call-graph extraction?
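As a starting point for the strings and network-fingerprint questions above, here is an added sketch (not code from this project) that extracts strings from raw bytes, pulls out URLs, IPv4 addresses and domains, and builds a searchable index keyed by indicator. All function names, the file-extension denylist and the sample bytes are assumptions made for illustration.

```python
import hashlib
import ipaddress
import re

ASCII_RE = re.compile(rb"[\x20-\x7e]{4,}")            # like strings(1), min length 4
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")    # UTF-16LE, common in PE files
URL_RE = re.compile(r"https?://[^\s'\"<>]+", re.I)
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}\b", re.I)
FILE_EXTS = {"dll", "exe", "sys", "php", "dat", "tmp", "txt"}  # assumed denylist of file names

# Constructed sample bytes (not real malware); hosts use reserved example ranges.
SAMPLE = (b"\x00\x01MZ\x90\x00http://update.example.test/gate.php\x00\xff\xfe"
          + "cdn.example.test".encode("utf-16-le") + b"\x00\x00"
          + b"connect 192.0.2.10:443\x00ver 999.1.1.1\x00kernel32.dll\x00")

def extract_strings(data: bytes) -> list[str]:
    """Return printable ASCII and UTF-16LE runs found in the raw bytes."""
    found = [m.group().decode("ascii") for m in ASCII_RE.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RE.finditer(data)]
    return found

def network_indicators(strings: list[str]) -> dict[str, list[str]]:
    """Pull URLs, valid IPv4 addresses and domain names out of extracted strings."""
    urls, ips, domains = set(), set(), set()
    for s in strings:
        urls.update(URL_RE.findall(s))
        for cand in IPV4_RE.findall(s):
            try:
                ips.add(str(ipaddress.IPv4Address(cand)))
            except ValueError:
                pass  # out-of-range octets, e.g. 999.1.1.1
        domains.update(d.lower() for d in DOMAIN_RE.findall(s)
                       if d.rsplit(".", 1)[1].lower() not in FILE_EXTS)
    return {"urls": sorted(urls), "ips": sorted(ips), "domains": sorted(domains)}

def fingerprint(data: bytes) -> dict:
    """Per-sample record: content hash plus its network indicators."""
    return {"sha256": hashlib.sha256(data).hexdigest(),
            **network_indicators(extract_strings(data))}

def build_index(samples: list[bytes]) -> dict[str, set[str]]:
    """Inverted index (indicator -> sample hashes) so indicators are searchable."""
    index: dict[str, set[str]] = {}
    for fp in map(fingerprint, samples):
        for kind in ("urls", "ips", "domains"):
            for value in fp[kind]:
                index.setdefault(value, set()).add(fp["sha256"])
    return index
```

Dotted version strings such as `1.2.3.4` still pass the IPv4 check, so indicators recovered this way need corroboration from dynamic data before they are treated as part of a network fingerprint.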