The　detection　of　unknown　malicious　executables　is　beyond　the　capability　of　many　existing　detection　approaches.　Machine　learning　or　data　mining　methods　can　identify　new　or　unknown　malicious　executables　with　some　degree　of　success.　Feature　selection　is　a　key　to　apply　data　mining　or　machine　learning　to　successfully　detect　malicious　executables.　We　propose　a　method　to　extract　features　which　are　most　representative　of　viral　properties.　We　show　that　our　classifier,　based　on　strings,　achieves　high　detection　rates　and　can　be　expected　to　perform　as　well　in　real-world　conditions.