Most of the malware detection techniques use mal- ware signatures for detection. It is easy to detect knownmalicious program in a system but the problem arises when the malware is unknown. Because, unknown malware cannot be detected by using available known malware signatures. Signature based detection techniques fails to detect unknown and zero-day attacks. A novel approach is required to represent malware features effectively to detect obfuscated, unknown, and mutated malware. This paper emphasizes malware behavior, characteristics and properties extracted by different analytic techniques and to decide whether to include them to create behavioral based malware signature. We have made an attempt to understand the malware behavior using a few openly available tools for malware analysis. We have observed that, sometimes benign files may also contain similar operations as that of malicious files which allows the anti-malware system to erroneously detect benign file as malware. When a file performs the same task for which it was created, then no suspicion arise. But, malware writers can misuse users trust and disguise malicious activities behind anticipated functionality. As per the results of our experiment the malicious operations are positively detected in multiple samples under consideration. Analysis of 100 samples has supported our assumption positively.