Abstract: Existing perturbation methods increase the evasion rate of static malware while making it impossible to run on the target host. In view of this situation, a static malicious sample generation model based on automatic perturbation strategy is proposed. The strategy constructed the action space, constructed the automatic perturbation strategy action library, adopted the heuristic combination method, combined the basic strategy and the historical optimal perturbation action in different ways, outputted the optimal strategy to the agent, and obtained the static malware adversarial sample generation model. We defined the harmonic mean of evasion and availability HMEA metrics to quantify the effectiveness of static malware adversarial examples. Experiments on the VirusShare dataset show that the evasion rate of the method reaches 42. 00%, the availability rate increases to 99. 50%, and the HMEA reaches 59. 07%, proving the effectiveness of the method.