Some network threat analysis approaches regularly assume both the attack scenario and the corresponding impact are known. However, some malware got updated with new features along with its variant appearing leads to the alternation of attack sequences, for example, random filename of download malware; retrieve a domain name based on IP address and random port generation. As a result, defender cannot effectively detect and estimate their impact that affect the correctness of safeguards put in place. Accordingly, the present study proposes a new method for analysis of malware signature problem aggregating Dionaea honeypot system for investigating its malevolent behavior. In the proposed approach, signature reports are sent to compare with CVE(Common Vulnerability and Expose) for a specific virus, ensure that whether the variant got updated with information or not. The probability of virus affection is enhanced by means of frequent episode. Finally, a series of case studies for threat analysis are performed to investigate the attack actions required to successfully estimate the threats from system vulnerabilities thru attack trees. Overall, the results confirm that the proposed method provides an effective means of analyzing the impact losses and selecting suitable safeguards for defenders from malware threats.