The techniques described herein identify, and/or distinguish between, legitimate code and/or irrelevant code in programs so that an analyst does not have to spend additional time sifting through and/or considering the irrelevant code when viewing the code of the program. Therefore, the analyst can be more efficient when determining a type of a program (e.g., malware) and/or when determining the actions of the program. For instance, a security researcher may be tasked with identifying the malware and/or determining the harmful or deceptive actions the malware executes on a computer (e.g., deletion of a file, the targeting of sensitive information such as social security numbers or credit card numbers, etc.).
