Let’s say you are given a large number of malware samples from the same family, differing in details like drop email addresses, hosts used for SMTP communication and strings that trigger malware to act (details aren’t important here). Problem emerges when you want to collect these details - you can analyse manually 5 almost identical [...]

http://www.idleloop.org/?p=13