Suppose I've obtained a CFG (control-flow graph) of a function, and suppose one of the basic blocks makes a call to another function (of course, the call being made in the last instruction of the basic block).
My question is: should I embed the CFG of the called function within the CFG of the outer function?
Things to keep in mind:
- I'm maintaining CFGs for ALL the functions in the disassembled binary.
- The project I'm dealing with is malware detection using static analysis.
- If any one of the CFGs in the test binary sample matches any one of the CFGs in the malware sample, the test sample is malicious.
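
The matching scheme described in the question, sketched as an added example that is not part of the original post: every function keeps its own CFG, and a block ending in a call stays an ordinary node labelled `call` instead of having the callee's CFG embedded. The block labels, the Weisfeiler-Lehman style hash, the `min_blocks` threshold and all sample data are assumptions of this example.

```python
import hashlib
from collections import defaultdict

def _h(*parts):
    return hashlib.sha256("|".join(parts).encode()).hexdigest()[:16]

def cfg_signature(cfg, rounds=3):
    """cfg: {block_id: (kind, [successor ids])}. Returns a hash that ignores
    block ids/addresses. Isomorphic CFGs always hash equal; rare collisions
    between different graphs are possible (this is not a full isomorphism test)."""
    preds = defaultdict(list)
    for block, (_, succs) in cfg.items():
        for s in succs:
            preds[s].append(block)
    labels = {block: kind for block, (kind, _) in cfg.items()}
    for _ in range(rounds):  # each round mixes in the neighbours' labels
        labels = {
            b: _h(labels[b],
                  ",".join(sorted(labels[s] for s in cfg[b][1])),
                  ",".join(sorted(labels[p] for p in preds[b])))
            for b in cfg
        }
    return _h(str(len(cfg)), ",".join(sorted(labels.values())))

def binary_signatures(functions, min_blocks=3):
    # Skip tiny CFGs (e.g. a lone 'ret' block): they occur in almost every binary.
    return {cfg_signature(c) for c in functions.values() if len(c) >= min_blocks}

def is_flagged(test_functions, malware_functions):
    return bool(binary_signatures(test_functions) & binary_signatures(malware_functions))

# Constructed samples: block kind = type of the block's last instruction.
MALWARE = {
    "sub_401000": {0x401000: ("jcc", [0x401010, 0x401020]),
                   0x401010: ("call", [0x401020]),   # callee is NOT embedded
                   0x401020: ("ret", [])},
    "sub_402000": {0x402000: ("ret", [])},
}
TEST = {  # same caller shape at other addresses, different callee
    "f1": {10: ("jcc", [20, 30]), 20: ("call", [30]), 30: ("ret", [])},
    "f2": {1: ("jmp", [2]), 2: ("ret", [])},
}
CLEAN = {
    "g1": {1: ("jmp", [2]), 2: ("jcc", [1, 3]), 3: ("ret", [])},
    "g2": {7: ("ret", [])},
}

if __name__ == "__main__":
    print(is_flagged(TEST, MALWARE), is_flagged(CLEAN, MALWARE))
```

With per-function CFGs the caller still matches when only the callee differs between samples; embedding the callee would make the caller's signature change whenever the callee does.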