{ "function_edges": [ [ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 ], [ 0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26 ] ], // 看FCG,所有函数之间连接边的出边函数index和入边函数index "acfg_list": [ // 对应 data.raw_graph_list { // 一个CFG对应 data.raw_graph_list[a] "block_number": 3, // CFG中基本块的个数 √ data.raw_graph_list[a].g.__len__() "block_edges": [ [ 0, 0, 1, 1 ], [ 0, 2, 0, 2 ] ], // 中间那个块才是第0块,不知道为什么;第一个数组是所有边的出块号,第二个数组是所有边的入块号 √ data.raw_graph_list[a].g.edges "block_features": [ // 每个基本块的属性 [ 0, 2, 1, 0, 7, 0, 1, 1, 4, 0, 0 ], // 每个块的属性特征,属性特征为11维向量,具体是调用/传输/算术/逻辑/比较/移动/终止/数据声明/总指令数/字符串或整数常量/后代的数量 [ 0, 2, 0, 0, 3, 1, 0, 1, 0, 0, 0 ], [ 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0 ] ] }, { "block_number": 29, // CFG中基本块的个数 "block_edges": [ [ 0, 1, 1, 2, 2, 3, 3, 4, 5, 6, 6, 7, 7, 8, 8, 9, 9, 10, 10, 11, 12, 12, 13, 14, 14, 15, 16, 17, 18, 19, 19, 20, 20, 21, 21, 23, 24, 24, 26, 26, 27, 28 ], [ 16, 0, 2, 0, 4, 1, 3, 3, 3, 25, 15, 8, 6, 6, 7, 28, 12, 9, 23, 16, 25, 11, 21, 17, 13, 19, 22, 14, 19, 18, 27, 24, 23, 26, 21, 22, 25, 10, 25, 5, 14, 8 ] ], "block_features": [ [ 8, 2, 1, 5, 36, 0, 6, 0, 2, 0, 0 ], [ 0, 7, 0, 0, 3, 0, 1, 1, 1, 0, 0 ], [ 0, 7, 0, 0, 2, 0, 1, 1, 0, 0, 0 ], [ 0, 7, 0, 1, 8, 1, 2, 0, 0, 0, 0 ], [ 0, 7, 1, 0, 2, 0, 1, 0, 0, 0, 0 ], [ 0, 7, 0, 0, 1, 0, 0, 0, 1, 0, 0 ], [ 1, 18, 0, 1, 9, 0, 2, 1, 1, 0, 0 ], [ 1, 21, 1, 0, 3, 0, 1, 1, 0, 0, 0 ], [ 0, 21, 0, 1, 4, 1, 2, 0, 0, 0, 0 ], [ 0, 24, 0, 2, 12, 1, 3, 0, 0, 0, 0 ], [ 1, 26, 0, 3, 16, 0, 4, 1, 4, 0, 0 ], [ 1, 2, 0, 5, 22, 0, 5, 0, 1, 0, 0 ], [ 5, 4, 1, 3, 21, 0, 4, 1, 3, 0, 0 ], [ 4, 11, 0, 2, 17, 1, 2, 0, 1, 0, 0 ], [ 2, 14, 0, 1, 12, 0, 2, 1, 1, 0, 0 ], [ 3, 17, 0, 0, 10, 0, 1, 0, 1, 0, 0 ], [ 1, 1, 0, 1, 5, 0, 2, 0, 0, 0, 0 ], [ 0, 14, 0, 0, 1, 0, 0, 0, 0, 0, 0 ], [ 3, 17, 0, 0, 7, 0, 0, 0, 0, 0, 0 ], [ 0, 17, 0, 1, 5, 0, 2, 1, 1, 0, 0 ], [ 2, 28, 1, 1, 11, 1, 2, 1, 1, 0, 0 ], [ 0, 11, 0, 1, 8, 1, 2, 0, 0, 0, 0 ], [ 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 0 ], [ 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0 ], [ 12, 27, 1, 7, 41, 0, 8, 1, 6, 0, 0 ], [ 0, 0, 1, 0, 7, 1, 0, 0, 0, 1, 0 ], [ 2, 9, 0, 2, 17, 0, 3, 1, 3, 0, 0 ], [ 2, 14, 0, 0, 5, 0, 1, 0, 4, 0, 0 ], [ 1, 21, 4, 1, 13, 0, 2, 0, 5, 0, 0 ] ] } ], "function_names": [ // 包括外部函数和局部函数的函数名 "sub_401000", "start", "GetTempPathW", "GetFileSize", "GetCurrentDirectoryW", "DeleteFileW", "CloseHandle", "WriteFile", "lstrcmpW", "ReadFile", "GetModuleHandleW", "ExitProcess", "HeapCreate", "HeapAlloc", "GetModuleFileNameW", "CreateFileW", "lstrlenW", "ShellExecuteW", "wsprintfW", "HttpSendRequestW", "InternetSetOptionW", "InternetQueryOptionW", "HttpOpenRequestW", "HttpQueryInfoW", "InternetReadFile", "InternetConnectW", "InternetOpenW" ], // √ "hash": "316ebb797d5196020eee013cfe771671fff4da8859adc9f385f52a74e82f4e55", // 文件哈希,可以用文件名中的md5替代 √ "function_number": 27 // 函数数量 √ }