Malware infects thousands of systems globally each day causing millions of dollars in damages. Tools like anti-malware engines and disassemblers are essential front-line tools in malware defense. Anti-malware engines are used to detect malware while disassemblers are used to analyze the malware, understand its operations, and defuse it. Our overarching goal is to identify and improve our ability to detect and understand malware and consists of three major thrusts. First, we address the problem of identifying which available disassembler gives the most accurate disassembly for malware binaries of the ARM and MIPS architecture. Surprisingly, our comprehensive and systematic evaluation revealed that disassemblers have complementary capabilit...