Analysis of malware introduces new challenges that are not present when analyzing programs in the normal context. Besides the fact that the programs are in a binary form, they are explicitly created to defeat analysis by hiding behind undecidability. Nonetheless, I will show that program analysis methods can indeed be used to answer a variety of questions related to malware. For instance, by relaxing the requirements of safety one can use program analysis to provide semantics based “features” to a machine learner. Similarity analysis is a key tool for understanding and querying big-data of code, in particular in the context of malware analysis and mitigation. We will provide an end-to-end experience in analyzing malware binaries, extracting semantics features, and using those in a machine learner to find similar malware in a repository. We will use these hands-on exercises to also highlight opportunities and challenges for further research, and introduce you to the state-of-the-art technologies to get started.