10 Years of Large-Scale Malware Comparison: Going Deeper With Machoke

Botconf 2025
Wednesday
2025-05-21 | 15:10 – 15:30

Tristan Pourcelot 🗣 | Stéfan Le Berre 🗣

As threat hunters, we often face the problem of analyzing many malicious binaries, related or not. The problems encountered range from classifying a sample into a known family, to identifying common functions or the libraries used, to finding a unique function across a large set of samples. Building on our experience with Machoc, a CFG matching algorithm published in 2016, our aim was to solve these problems while scaling our malware collection to tens of thousands of samples.

We will present the techniques we developed to scale Machoc comparison, along with an overview of a new algorithm we developed to identify common functions in a large dataset.

