The research group IT-Security published EXPLAIN as part of SAPPAN works.
It is a classification system and library using random forests to perform multiclass classification of malware families that utilize domain generation algorithms (DGAs).
Furthermore, they open-sourced the phishing certificate classification pipeline here.
