The invention provides a malicious code visualized analyzing method based on the Shannon information entropy. The method includes the steps that firstly, the binary bytes of a malicious file are converted into yellow brightness values of pixel points of a pixel map, and the points with the pixel value being Ox20-Ox7E are marked through a green channel Ox50; secondly, the local entropy of the pixel value in each 256-byte block in the pixel map is calculated based on the pixel value of the pixel map, and the local entropy is calculated according to the following Shannon information entropy formula: Entropy=- *log2pi, wherein the pi represents the occurrence probability the byte (pixel) value i, the value of the i ranges from Ox00 to OxFF, and the Entropy is the local entropy. The f (Entropy) value of the local entropy value Entropy is calculated according to the formula: f (Entropy) = 2-1, and the entropy diagram is generated through the calculation result of the f (Entropy); thirdly, normalization processing is conducted on the calculation result of the f (Entropy), and an entropy normalization diagram is generated. By means of the malicious code visualized analyzing method based on the Shannon information entropy, samples of various groups can be effectively distinguished, when the malicious codes of the same group are analyzed, the potential distinctions can be found much easier, and a basis is provided for mastering the variant evolution law of the group.