Dynamic analysis of WannaCry and its possible origins required hours of manual code inspection. As a result, the first clues took several days to emerge, and further insights took weeks. Dynamic analysis simply cant scale to compare code quickly enough to identify the origins of a new piece of malware in a timely way. Through this approach, we can create a malware genome, if you will, that provides an understanding of how malware evolved, even when its an amalgamation of multiple malicious tools.”]