0
1
00:00:06,420 --> 00:00:13,440
Static analysis relies on features extracted without executing code while dynamic analysis extracts
1

2
00:00:13,440 --> 00:00:16,080
features based on execution.
2

3
00:00:16,080 --> 00:00:22,890
In general static analysis is more efficient while dynamic analysis can be more informative, particularly
3

4
00:00:22,890 --> 00:00:26,590
in cases where the code is obfuscated.
4

5
00:00:26,740 --> 00:00:33,130
On the other hand automated analysis usually involves running the malware sample inside a malware sandbox
5

6
00:00:33,310 --> 00:00:38,260
while running a number of scripts that perform a combination of static and dynamic analysis.