Measuring performance of a malware analysis system in “samples per hour” is misleading and does not in any way give an accurate representation of it effectiveness. However, this measure is often used to conceal the significant overhead of such solutions. In practice, the throughput of “samples per hour” almost completely